A fake installer exploit is often delivered using a watering hole attack. In this type of attack, the attacker identifies websites that are frequently visited by the targeted individuals and injects malicious software into them. When the targets visit these compromised sites, the malicious software, such as a fake installer, is delivered to their systems.