What is a drive-by download?

Drive-by downloads automatically install malware when victims visit malicious web pages. Email links direct recipients to exploit pages that compromise systems without requiring file downloads or clicks beyond the initial link.

Technical mechanism: malicious page contains exploit code targeting browser or plugin vulnerabilities. When page loads, exploit runs automatically, downloading and installing malware without user interaction beyond clicking the link.

Protection includes: keeping browsers and plugins updated, using browser isolation, blocking known malicious URLs, and limiting user privileges so drive-by exploits can't install system-wide.