It is a question that concerns many people, mainly because virus and malware infections are on the rise. And because most Internet users go online to access all sorts of websites. But besides this question, many others are all interconnected.
What types of websites contain viruses?
Do you need to do something specific to get infected?
What about if you have some virus protection?
How do we know these questions? Through extensive research and dialogue with our readers, we have become aware of the severe misconceptions about this topic. The wrong answers can cause you a lot of trouble. To avoid that, we need to pay attention to every detail that makes a difference.
People wonder if you can catch viruses or malware by visiting a website. And they risk going home with inaccurate information. That information gives them a false sense of security, something we want to fight.
Wondering what the most common misconceptions are?
Here they are:
- You can only get viruses from malicious websites.
- If you go to a malicious website, everything is fine if you don’t download anything.
- Even if you download something intentionally or unknowingly, as long as you don’t open it, everything is fine.
- If the malicious website tries to download something to your device automatically, your antivirus software should detect and block this action.
False.
A website does not have to be malicious to pose a threat to a user. Sure, many malicious websites are specifically designed to cause harm. But these are not the only threat.
Websites that have been hacked and contain hidden malicious code. Hackers have inserted the code without knowing the people running the website in good faith. There are also legitimate websites that may contain malicious content. Sometimes it is a script, other times it is an ad, and the list goes on.
People believe that even if you visit such a website, you do not need to get infected. If you don’t touch it, you can’t get it.
However, the problem is that you can get infected without touching them. Think of human viruses that spread from one host to another. Similarly, computer viruses can spread without your intervention.
You cannot rely on your antivirus program for any threat
Most standard antivirus programs first scan the files you access. Then they match them against a database of virus signatures. When you access a website, you download the information it contains. The antivirus program cannot decide whether the information is malicious or harmless.
Unless it is a code that has already been classified as malicious and is included in the antivirus program’s signature database, chances are that the antivirus program will not be able to protect you from an exploit attack.
But that’s not all!
Hackers have ways to spread; further, even viruses are already included in popular AV databases. They use a so-called packer that encrypts the malware. And by changing its appearance, they make it undetectable to antivirus programs that rely solely on signatures.
AV developers have found several solutions to these packers. They have implemented behavioral analysis, sandboxes, or rollbacks. In other words, the antivirus program no longer looks at the file’s signature. It tries to emulate and interpret the file’s behavior to figure out what it might do when it is released on your system.
How can something be downloaded to your device without you noticing it?
At this point, you have realized that no antivirus program offers 100% protection. But now, you might be asking whether you can download something without noticing it.
People say, “Wait a minute, shouldn’t I be able to see if something is downloaded to my device?”.
We have already pointed out that visiting a website can catch viruses or malware. That is because specific malicious files can be downloaded to your device automatically even if you don’t download anything yourself.
In this case, it is not the classic download of an attachment from the email app or a file from the Internet browser.
The attacker does not even use your Internet browser’s loader to download the malicious file. They try to keep it under the radar. So, the download path deviates from the norm and usually relies on exploits.
Most malware files are tiny, even if it wasn’t an exploit attack. If you download something as small as a few kilobytes, it’s hard to detect. Especially if you have a download speed of about 0.5 MB per second, the file will land on your device very quickly. So there would be no time for a progress bar to appear on the screen.
But again, viruses from compromised websites are usually transmitted via exploit kits. This very small malware exploit file does not take the standard download path.
Most importantly, this file is programmed to download and execute itself automatically once it is finished downloading. Some malicious files start automatically. The myth that you’re safe is invalid if you don’t manually launch a malicious file.
Exploit kits – the tools that can turn your world upside down
Exploit kits allow your device to get a virus simply by accessing a website. Many dangerous malware programs that have terrified the world are delivered to devices worldwide via EK.
Cryptoware can transmit many things from itself to banking Trojans. It’s even worse than that! Standard antivirus software is useless against this threat! And why not? Because of the reasons we’ve described above.
These exploits, also known as drive-bys, can exploit the vulnerabilities of:
- The Internet browser itself
- Application software or web services such as Adobe Reader
- A plugin such as Flash, Java, or Silverlight
- A media player software, etc.
Exploit kits are malicious toolkits. They are hosted on rogue servers. And users are redirected to them when they access a compromised website.
They have no idea what is going on. You cannot tell that you are not on the server hosting the website you wanted to access. Once your device communicates with the fraudulent server, the exploit kit collects information about you as a user.
Depending on what it finds, it decides which type of exploit will work better on your device. Then it starts delivering it. If you do not have the appropriate protection, the exploit will succeed. That means the malicious software will be downloaded and executed on your device without notice.
So far, special applications have been developed to defend against exploits. These are specifically designed to stop the malware released by such exploit kits. However, the problem is that running an anti-exploit application with an antivirus or antimalware program is not good. There can be all sorts of conflicts between the two programs. So you have to choose one after the other.
How can you protect yourself from viruses or malware when visiting a website?
Judging by the information revised so far, not all antivirus software is an effective solution because it relies on its database. Only those already known are in the AV software’s database. Not that this kind of evaluation is not practical. But it simply can’t cover all threats.
The best way to keep exploits at bay? Rely on security options that work with user permissions. Such options only allow actions that the user allows in the first place. Any action detected on your device that is not allowed is automatically prohibited. This way, malicious code is prevented from being automatically downloaded and executed on your device.
Apart from the difficult task of choosing the best software to protect your device, there are several other protection measures:
- Regardless of what software you use, keep it up-to-date. Not just the antivirus software, antimalware tool, or anti-exploit app you rely on. But also your Internet browser, operating system, and the plugins you work with. Exploit kits exploit vulnerabilities and update patches for vulnerabilities. The fewer vulnerabilities you have, the better protected you are, so don’t miss updates.
- Since plugins are a known security vulnerability, you should ideally stop using them. If you can’t, you should at least set them as click-to-play or ask-to-activate. If an exploit tries to manipulate one of your plugins, the action will not go unnoticed because the plugin cannot work unnoticed.
- Knowing that ads can be a gateway for malware, you should use an adblocker. However, keep in mind that this is only limited protection. If you land on a website where exploits are built into the actual web page and not just the ad code, an adblocker won’t help.
- Knowing that scripts run automatically and can load malicious content, you should also use a script blocker. It will protect you from on-page exploits and can also protect you from exploits that are included in advertisements. However, the latter is not a sufficient reason not to use an ad blocker in addition.
- Consider using allow listing software. This software prevents executable files from running unless you have approved them beforehand. So, if malicious code is downloaded automatically, it cannot be executed because you did not allow list it beforehand.
As always, caution is the key. Remember that mainstream websites spread malware more and more often. Hackers know it is easier to lure victims to legitimate websites and focus on exploiting their vulnerabilities instead of waiting for them to land on a questionable site.
We are trying to say that the likelihood that you will encounter malware while browsing the web is getting bigger and bigger. Instead of minimizing it, you should try to increase your chances of protection. If you know you can get viruses and malware just by visiting a website, you should rethink your online behavior and protect yourself better!
For even more protection, check out our Fix Hacked Site Online Website Malware Scanner
This website security checker scans your site for malware, removing it automatically and protecting your site from attack.
