17 February 2016
When we work on clients computers we often find software we have never seen before. Many times the software has been downloaded from the Internet by the owner of the computer to perform a specific function such as creating PDF files or viewing videos. In many cases the software has been downloaded specifically because it is advertised as free.
The person that has downloaded the software has gone to Google and done a search for say "free pdf creator". Google has returned a whole lot of results and the user has picked a link they like and hey presto they are downloading a free pdf creator. What they may not realise is that as well as the software they believe they are installing other software may be installed. To give you an example where an update to the Adobe Acrobat reader also installed McAfee Security Scan Plus without any prompting at all. Whilst Security Scan Plus is not malicious software people updating or installing Acrobat had no idea it was being installed.
When you type in a search Google does not discern between reputable software sites and disreputable sites. It is relatively easy for a disreputable site to bundle additional software in with the software that you think you are downloading. For instance PDF creation software my also install remote control software and a key logger at the same time. How would you know? The next time you go to do your Internet banking they have you bank account details and login password.
Think your anti-virus software if going to protect you? Probably not. CNN reported last year that there were nearly 1 million new malware threats issued per day in 2014. And this rate is escalating. If you think that any single malware vendor can keep up with that much malware you are mistaken.
We had an incident recently where someone had downloaded Adobe Acrobat Reader from a disreputable site and it installed a whole lot of malware. It took us a few hours to clean up and even then we could not be 100% sure we had got everything. The worst thing was this could have been avoided if they had just downloaded the software from Adobe's own site.
Thing to take away from this:
1. Only download software from reputable sites and from reputable vendors.
2. If you buy software there is less chance that it has an unexpected payload.
If you are not sure about where to get software then please talk to Doug on 9882-5000 or email firstname.lastname@example.org. A bit of investigation and care could save you a lot of time and money.