Open-Source Internship opportunity by OpenGenus for programmers. Apply now.
Reading time: 10 minutes
Drive-By Login is a form of phishing attack in which a hacker sets up the malicious code on the victim's favorite website.
Procedure For The Attack
- In this attack, the hacker first tries to know the victim website through various methods of social engineering. After this, the hacker then tries to search out for the bugs in the website.
- As soon as he finds out the bugs in the website the hacker then do the drive-by malware attack to target the victim. After this, the hacker then just wait for some period of time.
- As soon as the victim visits that website the malicious code then executes and validates the victim's machine for the specific email or IP address. After matching the specific email or IP Address the malware is specifically delivered into the victim’s system and not to the other visitors of that website.
Mitigation For The Attack
To stay safe from this attack:
- Keep the browsers updated from time to time
- Use anti-phishing tools
- Apply the anti-spam policy in the inbox to filter out the spam emails
- Never click on any suspicious link in an email or on any website.
MCQ
Question 1
Drive By Login Is a Type Of Which Attack?
Phishing Attack
Spoofing Attack
DDoS Attack
MitM Attack
Question 2
What can be done to prevent this type of attack?
Never Click On Suspicious Link
Use Multi-Factor Authentication
Use OTP
Use Updated firewall
