Protect yourself from Drive-by Downloads with Firefox's add-on, NoScript.
Very recently I posted a page on Scareware, an increasingly prevalent and perverse method of infecting computers with malware (viruses, trojans rootkits, keyloggers and other pernicious junk). Unlike that scenario where someone might be tempted to download and install on their computer something that looks to be a legitimate anti-spyware program but instead turns out to contain a whole host of malware that it misleadingly proposed to help the user guard against, a Drive-by download occurs without much if any interaction on the user's part at all. You can become a victim of a Drive-by download just by visiting a purposely infested website or a perfectly innocent website that cyber criminals have managed to sabotage. And you don't necessarily have to slum around in the sleazy neighborhoods of the Web to become a victim of a Drive-by download although doing so would very much increase your chances of becoming a victim. On April 15, 2010, researchers at ALWIL Software, providers of Avast Anti-virus software publicly announced that they had used automated feed-back from their users to estimate that there are approximately 252,800 domains (websites) world-wide infected with malware. That amounts to 2,150,000 infected web pages world wide. ALWIL did not provide any numbers on infected sites registered in the US. But for British-based websites alone, the list included over 3,000 infected domains. Many of the infected sites were small businesses or travel sites such as harrysbars.co.uk and westminster-london-hotels.co.uk. The point being that these infested sites are not the type of website that one would ordinarily be suspicious of.