What is a Watering Hole Attack?
A watering hole attack occurs when hackers add malicious code to a website, like what recently happened to Yahoo, and site visitors are then infected with a virus. This can pop up on any legitimate site you visit and the hackers are getting trickier every day, so you should always be cautious and alert to anything suspicious on ANY site.
Sometimes, watering hole attacks will open a new browser tab without you clicking on anything. They will display a message that seems legitimate, such as one that tells you that your browser needs to be updated in order to maintain a secure browsing experience. DON’T FALL FOR THIS!! If you see a message like this, unless it comes directly from the browser developer (i.e. Google or Microsoft), close the browser window by clicking the X on the tab. Be sure you do this without clicking on anything on the page.
Because this type of message seems to be trustworthy, it is a very clever tactic for hackers to use. Everyone knows that they need to keep their browser updated for security purposes right? It’s much easier to recognize a pop-up message as a fake, however this type of message actually opens a new tab in the browser. They often give you the option of installing the update rather than it automatically doing so. Furthermore, these types of messages open while you’re visiting a reputable website. See how easy it could be to be tricked? You’re moving quickly on the web and not paying full attention, you click the wrong link and you get a virus downloaded to your computer!
So, how can you tell that this kind of message is a fake or not?
Be sure you always check the URL of the page before you accept the update. For example, newbrowserversion.org was the site of a recent watering hole attack of this type. DO NOT GO TO THIS URL!! It is listed here just as an example. Your browser updates will ALWAYS come from Firefox/Mozilla, Google, Microsoft, Opera and Apple…the developers of these browsers…NOT some random third-party website.
Also, browser update messages don’t open new tabs. Safari updates are in OS X’s update system. Chrome updates automatically in the background. IE uses Windows Updates and Firefox pops up a message telling you that a new version is ready for installation. It’s a good idea to be familiar with your browser’s schedule for updates. IE updates usually are the first Tuesday of every month. Firefox does a big update every 6 months.
Your antivirus software may not detect this type of watering hole attack so it’s best to look closely at everything on the page, including the URL, before you ever click to install an update on your computer. Your computer and website security depends not only on your antivirus software, but also on your careful consideration before installing anything from a site that you don’t recognize.