Attack methods when entering a website
Another option is that we enter a web page and automatically download a file. This usually happens when malicious links reach us by email, we have entered from a third party page or even a legitimate website that has been attacked and they have configured it in such a way that, just by entering it, it automatically downloads files.
These files can be malware of all kinds. We may be facing a keylogger that records passwords, a virus that affects the operation of the browser, spyware, ransomware … Likewise, in many cases they will take advantage of vulnerabilities in the system to run.
We can also see how we suffer an attack simply by visiting a page when we access false links. For example, if we enter a web page to log into Facebook or make a purchase on Amazon, that link may not be original and, when paying or entering the password, that data ends up on a server controlled by the attackers.
It is very common in Phishing attacks. Basically they are links that pretend to be true, but in reality they are a very well created copy. This could also lead to malicious file downloads or false updates.
Through the sending of forms we can also have security problems. Simply by clicking, with sending our data, they can end up in the wrong hands and be the option they are looking for to send Phishing attacks later or try to scam us in some way.
These forms, as in the case of fake links, are a copy of what we really believe it to be. There we can put personal information, passwords, payment methods … All that will end up in the hands of the attacker.
Tips to avoid problems
After explaining how they can infect our system simply by entering a web page, we are going to give a series of essential tips to prevent this from happening. The objective is to have the teams prepared and to minimize the open gaps that they can take advantage of to launch attacks.
Have updated equipment
Something very important is to have the devices correctly updated. Here we can include the operating system, the browser or any program that we use. We saw that the scripts take advantage of vulnerabilities that may be in the computers, hence it is important to correct them.
With the security patches we’re going to fix known bugs and get the devices working as well as possible. This will reduce the risk that we suffer cyber attacks when entering a website or downloading a file automatically and taking advantage of any vulnerability.
Use security programs
Of course, another important point is to always have a good antivirus. For example, we can name Windows Defender itself, as well as other options such as Avast or Bitdefender. However, whatever program we choose, we must ensure that it performs its function well and is correctly updated.
Beyond having an antivirus, we can also use other security tools such as a firewall or even add-ons for the browser. The latter can detect dangerous pages that may contain viruses or malicious links. An example is the extension MyWOT, which we can install in Chrome and warns us if we are entering a dangerous website.
Avoid unsafe sites
This advice is rather from common sense. It is important to avoid, as far as possible, websites that we do not trust. For example, pages that we have reached through other sites and do not have the appearance that we expect. This can happen especially when downloading programs. This site may not be official, although it offers the possibility of downloading that application we are looking for.
We must always observe very well the URL to which we are entering. Any small change can mean that we are accessing a totally different site, which has been created simply to steal passwords or personal data of visitors who enter.
Beware of public networks
Browse the Internet on a Public Wi-FiAs an airport or shopping center can be, it also has its dangerous points. One of them is that it could have been maliciously modified to redirect us when entering a web address and actually ending up in another where our data can be stolen.
In order to improve security, one option we have is to encrypt the connection through a VPN. In this way, the information that we send through this network will be hidden, as if it were traveling in a kind of tunnel, and will not be accessible to any intruder who enters that Wi-Fi.
In short, when browsing the Internet and finding out on a web page we can be victims of different attacks. Simply by clicking on a link we can unknowingly download a virus. We have seen some essential steps that we must take to be protected at all times and not have problems.