{"id":6510,"date":"2013-11-15T12:01:06","date_gmt":"2013-11-15T17:01:06","guid":{"rendered":"http:\/\/thundercloud.net\/infoave\/new\/?p=6510"},"modified":"2013-11-15T12:01:18","modified_gmt":"2013-11-15T17:01:18","slug":"heres-how-you-get-malware-via-trickery-and-deceit","status":"publish","type":"post","link":"https:\/\/www.thundercloud.net\/infoave\/new\/heres-how-you-get-malware-via-trickery-and-deceit\/","title":{"rendered":"Here&#8217;s how you get malware via trickery and deceit"},"content":{"rendered":"<h2><strong>How to get Malware &#8211; quickly and easily<\/strong><\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"Cloudeight InfoAve\" src=\"http:\/\/thundercloud.net\/infoave\/images\/2014\/howtogetmalware.png\" width=\"480\" height=\"442\" \/><\/p>\n<p>I was browsing a computer tech news site when, out of nowhere, without clicking anything, a page opened displaying the above notification. It looks a lot like Adobe Flash Player installer. Of course, I was not on a page requiring any media player (and even if I was I would have never downloaded something I didn&#8217;t ask for, from a site I am not familiar with), but because I wanted to take a screen shot of this Window, I left the page up, took the screen shot, and read the really crafty and misleading message at the bottom.<\/p>\n<p>In case you can&#8217;t read the description of the software in the above screen shot, this is what it says:<\/p>\n<p><em>&#8220;This site is distributing a modified installer which is different than the original distribution. This new installer complies with the original software manufacturers (sic) policies and terms &amp; conditions. Air installer is an install manager, which manages the installation of your chosen software. In addition to managing your download and installation. Air Installer may offer additional and optional software. You are not required to install any additional software to complete your installation. You can always completely remove the programs at any time in Windows Add\/Remove Programs utility.&#8221;<br \/>\n<\/em><br \/>\nSo you&#8217;d think this would be Adobe&#8217;s Air Installer, right? Nope it&#8217;s not. It&#8217;s a collection of malware installed by Air Installer. And notice too, it says &#8220;&#8230;Air Installer may offer additional and optional software. Your are not required to install any additional software to complete your installation&#8230;&#8221; But the truth finally comes out &#8211; in the last sentence: &#8220;You can always completely remove the programs at any time in Windows Add\/Remove Programs utility.&#8221; So whether or not you uncheck the bundled malware, you&#8217;re going to get it anyway. And you can bet if you try to uninstall these programs via Remove Programs or Add\/Remove Programs (in XP), only part of the program will be removed but the toolbars and hence the malware will remain.<\/p>\n<p>We cannot caution you often enough &#8211; regardless of the security software you use &#8212; to use the software that you were born with, and you&#8217;ve used every single day of your life, to navigate the &#8220;real&#8221; world &#8212; your common sense. Don&#8217;t click things unless you are positive you know what you&#8217;re doing. Read the fine print and make an informed decision. How many of you would have clicked the OK button? How many of you would have clicked that OK button after you had read the descriptive text? Dear friends, none of those buttons on that dialog worked except for the OK button in the white box. Once you click the OK button in the white box, the download and installation would have begun. The Install and Remind Me Later buttons are there for appearance only, as are the Privacy Policy, the Terms and Conditions, Contact Us and How to Uninstall links. None of the button or links in that dialog work except for the OK button in the white box. The links and buttons are a ruse to make it this installation look official. In order to get to the other buttons you have to click the OK button first &#8212; and that is the real install button.<\/p>\n<p>The only way I could close the above page and dialog was to use the ALT+F4 keys, otherwise I could not navigate away from that page or open any other pages. This stuff should be illegal, but it&#8217;s not. And miscreants are not stupid &#8212; some are very smart &#8212; and if you don&#8217;t bring your brain with you when you&#8217;re on the Web, they are going to outsmart you. Don&#8217;t let them win. Use your head &#8212; THINK, READ, and BE SKEPTICAL. There are charlatans and criminals all over the Web and some of them are big companies whose names you may recognize. It&#8217;s all about money. And it&#8217;s all wrong.<\/p>\n<p><span style=\"color: #000000; font-family: Arial, Helvetica, sans-serif; font-size: 16px; line-height: normal;\">\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>How to get Malware &#8211; quickly and easily I was browsing a computer tech news site when, out of nowhere, without clicking anything, a page opened displaying the above notification. It looks a lot like Adobe Flash Player installer. Of course, I was not on a page requiring any media player (and even if I was I would\u2026 <span class=\"read-more\"><a href=\"https:\/\/www.thundercloud.net\/infoave\/new\/heres-how-you-get-malware-via-trickery-and-deceit\/\">Read More &raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1462,1669,1670,1656,10],"tags":[],"_links":{"self":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/6510"}],"collection":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/comments?post=6510"}],"version-history":[{"count":2,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/6510\/revisions"}],"predecessor-version":[{"id":6512,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/6510\/revisions\/6512"}],"wp:attachment":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media?parent=6510"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/categories?post=6510"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/tags?post=6510"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}