Here’s how you get malware via trickery and deceit

By | November 15, 2013
Print Friendly, PDF & Email

How to get Malware – quickly and easily

Cloudeight InfoAve

I was browsing a computer tech news site when, out of nowhere, without clicking anything, a page opened displaying the above notification. It looks a lot like Adobe Flash Player installer. Of course, I was not on a page requiring any media player (and even if I was I would have never downloaded something I didn’t ask for, from a site I am not familiar with), but because I wanted to take a screen shot of this Window, I left the page up, took the screen shot, and read the really crafty and misleading message at the bottom.

In case you can’t read the description of the software in the above screen shot, this is what it says:

“This site is distributing a modified installer which is different than the original distribution. This new installer complies with the original software manufacturers (sic) policies and terms & conditions. Air installer is an install manager, which manages the installation of your chosen software. In addition to managing your download and installation. Air Installer may offer additional and optional software. You are not required to install any additional software to complete your installation. You can always completely remove the programs at any time in Windows Add/Remove Programs utility.”

So you’d think this would be Adobe’s Air Installer, right? Nope it’s not. It’s a collection of malware installed by Air Installer. And notice too, it says “…Air Installer may offer additional and optional software. Your are not required to install any additional software to complete your installation…” But the truth finally comes out – in the last sentence: “You can always completely remove the programs at any time in Windows Add/Remove Programs utility.” So whether or not you uncheck the bundled malware, you’re going to get it anyway. And you can bet if you try to uninstall these programs via Remove Programs or Add/Remove Programs (in XP), only part of the program will be removed but the toolbars and hence the malware will remain.

We cannot caution you often enough – regardless of the security software you use — to use the software that you were born with, and you’ve used every single day of your life, to navigate the “real” world — your common sense. Don’t click things unless you are positive you know what you’re doing. Read the fine print and make an informed decision. How many of you would have clicked the OK button? How many of you would have clicked that OK button after you had read the descriptive text? Dear friends, none of those buttons on that dialog worked except for the OK button in the white box. Once you click the OK button in the white box, the download and installation would have begun. The Install and Remind Me Later buttons are there for appearance only, as are the Privacy Policy, the Terms and Conditions, Contact Us and How to Uninstall links. None of the button or links in that dialog work except for the OK button in the white box. The links and buttons are a ruse to make it this installation look official. In order to get to the other buttons you have to click the OK button first — and that is the real install button.

The only way I could close the above page and dialog was to use the ALT+F4 keys, otherwise I could not navigate away from that page or open any other pages. This stuff should be illegal, but it’s not. And miscreants are not stupid — some are very smart — and if you don’t bring your brain with you when you’re on the Web, they are going to outsmart you. Don’t let them win. Use your head — THINK, READ, and BE SKEPTICAL. There are charlatans and criminals all over the Web and some of them are big companies whose names you may recognize. It’s all about money. And it’s all wrong.

 

10 thoughts on “Here’s how you get malware via trickery and deceit

  1. Barb

    I wouldn’t even have known what Alt+F4 does, and I these days hesitate to download anything due to my ignorance. Thank you for your timely warnings, the internet is getting to be a proper death-trap.
    Barb.

    Reply
  2. lindal

    Unfortunately I have already been duped. Probably more than one time. It makes me sick and Yes, my computer seems to have problems now. I am now a loyal reader of your updates.

    Reply
  3. Jean Leclair

    I was on Goggle Chrome a few days ago and all of a sudden the tool bar changed and it read conduit. It came up so fast I didn’t have a chance to get rid of it. I found it on Add or Remove on Revo so I ran it and It look like I got rid of it. I checked search and it found 36 entires with conduit. I got rid of most of the entries so searched again and found a few more . I was able to delete and ran search again, it showed no more entries. I did have a problem after that I couldn’t go back on Google Chrome. I tried and tried. I ended up uninstalling Googe Chrome. I later tried to reinstall Googe Chrome but would not install. It has been a couple days and I still can’t get to reinstall. I can still read my emails, play games, download pictures and check out other sites like Cloudeight I also did another search and still have not seen conduite on the list. Just wanted to mention how fast something can happen while your on the web. I hoping around the first of the new year I will be buying a new computer. This XP is old and tired. Buy the way I had a download show up just like the one on this article. Did not fall for it, but it looked geniune. Thank you guys for all you help and information.

    Reply
  4. Mary M

    Thanks TC- I have to be careful cause I’m one of those night owls and have been blessed that I haven’t gotten caught with some for a long time, when i’m on here bleary eyed.

    Reply
  5. Grace A

    I’ve had that window show up as well and, though I don’t remember clicking on it, somehow, adware or something was installed on my laptop and has hijacked my browsers. I don’t see any rogue names on Add/Delete Programs, and Malwarebytes, Spybot and AVG have yet to remove it. As soon as I’m able to, I plan on purchasing the Emsisoft in hopes that that will take care of the problem.
    Thanks EB & TC for all the work you do.

    Reply
  6. Donna Mae

    It has all been said but I will say it again—THANK YOU. I AM DETERMINED TO KEEP MY BRAIN ACTIVE — SO MUST KEEP READING ALL YOUR ARTICLES–ETC. — AND TRY TO REMEMBER THEM !!! WISH ME LUCK….I AM SURE YOU TWO ARE KEEPING ME REASONABLY ALERT—TOO MANY BIRTHDAY’S !!!!!. I HAVE AVOIDED A LOT OF TROUBLE BY KEEPING UP WITH YOUR HELP. EMISISOFT IS NEXT.

    Reply
  7. Ramona Perry

    I so appreciate your honesty TC and EB. So many businesses in the world are not honest anymore and are just in business for the money. If I were ever to win a lottery your business would be donated to first. The information that you provide to all of us is invaluable. I read my information recieved from Cloueight first, that way I know my day will be a much safer day on the internet. Thank you again for all of the information you share with all of us.

    Reply
  8. madeline

    i appreciate all the invaluable hints that you send our way……..i keep” post it” notes with some of your outstanding warnings taped to my computer desk for a quick look if i seem to think the pop ups or anything else are questionable…..happy thanksgiving…….

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *