Malicious Web sites threaten normal users

Until recently the chances of an average user encountering a hostile website was very small. Those at risk were mainly adventurous surfers who roamed to the nether regions of the web.

Not anymore. Take this letter from subscriber Roy Waidler as a warning:

" Gizmo, the proliferation of drive-by spyware downloads has expanded to places where you’d least expect them. My daughter went to a recipe site – yes, a recipe site – and when she closed out the window after getting her recipe a drive-by installer for EraseSure got in so fast that she didn’t have a chance. It got our OS big time. What impressed me was the speed in which this thing got into our computer, I’ve never seen the like – and it ate ZoneAlarm’s firewall like candy in the process. Two other people with whom we have frequent contact have reported getting drive-bys at Xanga PC Optimizer and another at an unnamed guitar information site; the latter had SpySheriff waiting for him. Those who are in your words "adventurous surfers" have classically been the ones at risk for drive-bys but the expansion of them into "normal" websites is somewhere between amazing and appalling."

Roy’s letter underscores the risk. It also highlights that even the best security software is vulnerable to a malware program that is allowed to run on your PC. That’s one of the reasons I’ve moved away from running ever more security products. Instead I put more effort into preventing these nasties getting a foothold on your PC in the first place

Here are two free preventative measures to protect against hostile websites:

First, install McAfee Site Advisor [1]. It’s a free browser plug-in that appends site security ratings to search engine listings. This will help to prevent you from accidentally surfing to a hostile site while sifting through your search engine results.

This article is part of our premium content. Join Now.

Already a paid subscriber? Click here to login.

= Paid content

All Windows Secrets articles posted on 2007-09-13: