Malware Alert!! for a Recent Blog Download

Summary – A recent photo painting post of mine had a link to FotoSketcher. Someone just notified me that after the download their computer had malware problems. Here’s what I thnk happened and how to avoid the problem yourself.

.

I was just sent an email from a reader who stated

Hey, I tried to download FotoSketcher yesterday after which I was inundated with malware and a takeover of my home page.  Just a heads up.  If I did something wrong, most likely someone else will do the same

My post contained this link FotoSketcher

It’s a safe site

as is the program with millions of downloads

 ________________________________________________________

Here’s what I think this reader did

The problem is with a Google ad

It’s on the FotoSketcher site

BUT NOT ACTUALLY PART OF THE SITE

No idea how this works; ask Google

I’ve encountered similar problems in the past

I eventually learned what to look for to avoid them

.

BEFORE CLICKING ON A DOWNLOAD BUTTON

REGARDLESS OF THE SITE YOU’RE ON

NOTICE THE SITE’S URL (BEFORE THE .COM)

IF THAT CHANGES AFTER YOU CLICK

BEWARE – YOU’RE NOT IN KANSAS ANY MORE!

Read on….

________________________________________________________

The problem I believe was caused by

The reader seeing two download options and

Choosing a bad one

One option was for

the download to come from the product’s own site

FotoSketcher in this case

The 2nd (which I’m guessing he used)

Took him away from the FotoSketcher site

This new site not only downloaded FS BUT

If you didn’t read the fine print

a bunch of crap as well

Why Google ads don’t put a check on

These sorts of things is a mystery (probably $$$)

________________________________________________________

Here are screenshots that show what I’m sure happened –

Click to enlarge any screenshot

#1 – Reader saw this and assumed both downloads options were the same

11-5-2013 1-11-33 PM

——————————

#2 – Clicking #2 took him to this next screen

Two things to note

1. The URL has changed; he’s left the FS site

2.”Fine print” in pink is an invitation to download malware IMO

The default is often TO DOWNLOAD

If you’re not paying attention – trouble!

11-5-2013 1-16-39 PM

——————————

#3 – This is where he should have landed

How do you know? Check the URL!!

but even so that #2 option

was stilling lurking off to the right

11-5-2013 1-18-27 PM

________________________________________________________

Come on, Google, clean up your ads!!!! 😦

BEFORE CLICKING ON A DOWNLOAD BUTTON

REGARDLESS OF THE SITE YOU’RE ON

NOTICE THE SITE’S URL (BEFORE THE .COM)

IF THAT CHANGES AFTER YOU CLICK

BEWARE – YOU’RE NOT IN KANSAS ANY MORE!

I’ve notified FotoSketcher

Will update if they shed any light on this

________________________________________________________

Subscribe (see sidebar). New posts daily.

  • No sidebar? Click here or the blog title at the top of this page.

Another option – Click on the “Follow” button at the bottom right of the screen.

  • Or – “Follow” in your admin bar, displayed at the top of the screen, for logged-in WordPress.com users.

________________________________________________________

6 thoughts on “Malware Alert!! for a Recent Blog Download

  1. Sage advice, no matter where you are on the ‘web! It’s so easy to get tangled up in a hidden URL maze. You MUST pay attention.
    Dl’ed Fotosketcher and it’s great fun. Disclaimer: I’ve gotten bitten more than once in past downloads!

  2. Google allowing these “Download” ads through is bad (if it was Google). A web site monetizing on their download page is bad as well. But — downloading software from the Internet and not scanning it for viruses/malware before installing is very bad. So is just clicking on “next” during the install-process without reading what you are going to install. Your ad-download actually retrieved an entirely different software; 7-Zip. Maybe 🙂

    • All true. Plus I had to waste my time creating this post out of a sense of responsibility – having posted the original link – because I can’t assume that we all don’t know better when we should. Be careful out there netizens.

  3. One last comment:
    Windows (I can’t speak for Apple) has a wonderful utility; “System Restore” which has saved my bacon on more than one occasion.
    If I’m even a little suspicious of a download, I’ll create a restore point before I execute the program setup file. If things go deep south, I hit “The Way Back” button – like the program was never executed.

    • I agree and have had my bacon saved as well. However, it didn’t help me entirely last month when the new Nik Collection beta messed up my system. Part of the collection – the part that got messed up – fell under the category of “documents” which is one thing that System Restore leaves alone. The thing that saved the entire bacon in that case was the fact that I do daily backups of my system. Once anal always anal. 😉

Comments are closed.