This screen popped up after I clicked on a link on Reuters. It looks like an official page from Adobe, telling me I have to install the latest version of Flash. It is not. At the bottom, there is a disclaimer telling us what it is:
We are not affiliated or partnered with Adobe […] This offering is for a download manager that will install independent 3rd party software that will update the advertised program.
I do believe that if I download and run the installer, it will in fact install the latest version of Flash. I’m sure it will also install applications that deliver a steady stream of popup ads. It will probably hijack my browser and prevent me from using Google, instead delivering a bunch of paid-for results whenever I try to search for something. It might do even worse than all that.
But it looks so real. Here’s another example.
This is a page from Sourceforge, a big repository for open source projects, and it’s the Sourceforge page for Xming, a server which allows you to run Linux X applications from a remote server on a Windows desktop. It’s OK if you have no idea what that means. Xming isn’t the problem. The problem is those “Regular Download” and “Premium download” buttons on top. They have nothing to do with Xming and almost nothing to do with Sourceforge. Those are part of an ad. The real download button is the green one closer to the center of the screen. If you click one of the buttons on top, it will take you to another page where you can download another malware installer like the one disguised as the flash updater.
So why Doesn’t Sourceforge do something about these scammer ads on their website? Probably for the same reason I don’t do anything about the ads that may appear on this blog. We don’t see them. In my case, I have nothing at all to do with them. Whatever ads appear on this site are delivered by WordPress, not me. In the case of Sourceforge, they’re just renting space out to Google Ads, and Google Ads is probably working with other companies. Sourceforge has about as much to do with the scammers as your mail carrier does to the scammers who send junk mail to your door.
At any rate, they’re getting trickier out there. They’re doing a good job making their spamware and spyware installers look official, so be sure to double check what you’re clicking on before downloading anything.