Sunday, February 8, 2015

It's not safe out there

Many people have asked me how to prevent being infected with a virus or spyware. My answer is that you should use a good anti virus program and perhaps a separate anti malware program (such as MalWareBytes). However, even the best anti virus program is no substitute for common sense and good surfing behavior. Unfortunately, to an inexperienced user, the bad guys come up with all manner of ways to try and trick you into visiting sites or downloading programs that are not in your best interest. It's important to look carefully at every thing you click on and, if you don't clearly understand what you're doing, STOP! Because most web site exist to make money, you've got to be extremely vigilant to not allow them to take an unfair advantage of you.

Most web sites in themselves are not dangerous. But, they often will sell ad space to other companies (this is how a lot of "free" sites make money). When these "banner" ads are sold and placed, the company that owns the web site may not spend a whole lot of time evaluating the content- Maybe they're too busy counting their money? As a result, questionable ads may appear even on what should be considered legitimate web sites. As an example, here is a banner ad that appeared on a well known web site on April 19, 2013. I know for a fact that this was not the result of another infection as this appeared on a computer that had just been re-built and this was the very first time it had been connected to the Internet
Notice the circled ad in the middle of the page. This looks like something you might need from the description and it looks vaguely familiar. In particular, notice the logo:
And see how similar it looks to the logo for Flash Player from Adobe:
It's important to remember that Adobe Flash Player is a legitimate program but Flash Video Downloader is NOT. The small (very small) text just below and to the right of this ad gives a clue with the phrase "GetSavin - About this ad". A Google search for GetSavin will bring up numerous pages as to how to get rid of this. An explanation as to what it ACTUALLY is:

If you are seeing in-text advertisements and pop-up ads from “Ads by GetSavin” within Internet Explorer, Firefox or Chrome, then your computer is infected with an adware program.
GetSavin is an adware program that is commonly bundled with other free programs that you download off of the Internet. Unfortunately, some free downloads do not adequately disclose that other software will also be installed and you may find that you have installed GetSavin without your knowledge.GetSavin is advertised as a program that will enhance your experience while viewing a video on YouTube. Though this may sound like a useful service, the GetSavin program can be intrusive and will display ads whether you want them to or not. 
The GetSavin adware infection is designed specifically to make money. It generates web traffic, collects sales leads for other dubious sites, and will display advertisements and sponsored links within your web browser.
GetSavin it’s technically not a virus, but it does exhibit plenty of malicious traits, such as rootkit capabilities to hook deep into the operating system, browser hijacking, and in general just interfering with the user experience. The industry generally refers to it as a “PUP,” or potentially unwanted program.
GetSavin is an ad-supported (users may see additional banner, search, pop-up, pop-under, interstitial and in-text link advertisements) cross web browser plugin for Internet Explorer, Firefox and Chrome, and distributed through various monetization platforms during installation. GetSavin is typically added when you install another free software (video recording/streaming, download-managers or PDF creators) that had bundled into their installation this adware program. When you install these free programs, they will also install GetSavin as well. Some of the programs that are known to bundle GetSavin include “Youtube Downloader HD”, “Fast Free Converter”, “Video Media Player 1.1″ and “DVDX Player 3.2″.
When installed, GetSavin will display advertising banners on the webpages that you are visiting, stating that they are brought to you by “Ads by GetSavin”.
GetSavin may also display pop-up advertisements, in-text ads and and as you browse Internet, it will show coupons and other deals available on different websites.
The justification for the GetSavin Ads according to its author, is that it helps recover programming development cost and helps to hold down the cost for the user.
(Source: http://malwaretips.com/blogs/ads-by-getsavin-removal/
The problem is, this stuff gets installed without your knowledge. You may have given your permission to install it, but it's your permission without your informed consent.

Bottom line: if a web site like MSN.com can have something like this, is there really any safe web site? There is no substitute for common sense. If you have the tiniest question about something being installed, don't do it. Instead, research the item and make 100% sure it's something you need.



.

No comments:

Post a Comment