Nowadays, many malicious Web pages can launch the downloading of malware without any user interaction only by leveraging normal Web programming techniques and deceive victims into executing the downloaded malware. This type of attack is called auto-download. The existing defense mechanisms equipped with browsers can not effectively identify the attack. In order to solve the problem, an approach was presented to mitigate the attack. The downloading operations were monitored. When a download was performing, it would be checked to see whether it was triggered by the user interaction or not. Consequently, potential auto-download behaviors would be detected and terminated. The approach had been implemented in two browsers WebKitGtk+2.8.0 and Chromium 38.0.2113.1. Both of the two detection and defense systems were evaluated. The false negatives and false positives were 0, and performance overload was 1.26% and 7.79%. The experimental results show that the proposed approach can effectively detect and terminate the auto-download attack with less performance overload.