(The quickest way to register)

Online Threats - Browser exploits

What are browser exploits?

Browser exploitA browser exploit, sometimes called browser hijacking or a drive-by download, is a form of malicious code that takes advantage of a flaw or vulnerability in an operating system or piece of software with the intent to alter your browser settings without your knowledge.

Where do browser exploits come from?

When there is a weakness in your browser or if browser security is set low, vulnerabilities can be exploited by cybercrooks. For example, ActiveX scripts could install by themselves which can be used to change policies and change a program to make its removal difficult. Users can be tricked into downloading and installing a hijack themselves. Some browser exploits come in the form of an error report that appears to be from the user's own PC. Malicious websites can give instructions to install a particular plug-in to view the site correctly and others make the user believe they are getting a browser enhancement or a system update.

How do browser exploits affect my computer?

Usually browser exploits don't harm your data or spread themselves through email. But hijacks make your computer vulnerable to other attacks.

Symptoms of a browser hijacking:

  • Your homepage, search page or favorites have been altered
  • Options in your Internet settings have been changed
  • Access is blocked to certain functions
  • Redirection of incorrectly typed URL prefixes (for example, you type the wrong address or extension and you get redirected to a porn site)

How do I protect myself from browser exploits?

  • Install a firewall to protect your computer from incoming attacks as well as programs that try to transmit data from your computer
  • Keep your operating system, browser and other software updated
  • Never accept files from someone you don't know
  • Don't open email attachments from unknown or unexpected sources
  • Use caution when downloading files
  • Scan downloaded software before executing
  • Disable ActiveX, Java and JavaScript objects if possible
  • Consult WOT's website reputation scorecard for more information on unknown sites

See also Adware, Internet fraud, Malware, Phishing, Spam and Spyware