Install the latest freeware and there’s a good chance you’ll find some bundled adware, too, but most people know how to avoid it. Chose the "Advanced Installation" option, click "Decline", clear a few checkboxes and you’ll probably be safe.
Unfortunately some of the adware companies are realizing that the old techniques just don’t cut it any more, and they’re now using even more tricks to try and force that payload onto your PC. Just take a look at what happened when we tried to install a single freeware package on our test PC.
- "Basic"/ "Advanced" installation
The setup program opens with the standard "Basic installation" selected by default, so if you don’t read the text explanation and simply click Accept, all your browser home and search pages will be configured.
Click "Advanced installation" and checkboxes appear where you can prevent the installer making any unwanted changes.
That’s fairly standard, but look closer: there’s no "Next" button, just "Accept".
There’s a tiny "Decline" word at the bottom left, but it’s not clickable.
Maybe it’s a mistake. But we suspect the real reason is to make you think that there’s no point clicking "Decline" as it doesn’t do anything, so instead the "Accept" button is the way to go.
And as there really was no alternative, we clicked the button to move on.
- One option only
The installer next displays what seems to be a license agreement, with the name of the freeware, and a bold sentence which says "Click Accept now to continue your installation".
Looks down at the bottom of the dialog, though, and in tiny writing you’ll see that clicking "Accept" also confirms that you "have read and agree to Wajam".
The wording is deceptively vague, giving you no idea that this might involve installing something on your PC.
And the other twist is that, as with the previous screen, there’s no "Decline" button. Only a tiny "Decline" word, which even if you’ve noticed it, you’ve already been conditioned to think won’t work.
But this time it’s different. The word isn’t highlighted in any way, and there’s no indication that it’s anything other than a piece of text, but it’s actually a link. Click "Decline" and you can continue without installing this app.
- More offers
The next page brings yet another offer, with a bold line persuading the unwary to "Click Accept now" to continue the installation.
Why? Perhaps because if they read the details of this "component", "Results Hub", they’d find it changes their search provider, home, startup and new tabs pages, installs "browser tools", displays ads, "collects your browsing information & data" and "shares this with third parties for advertising & other purposes", "adjusts your browser settings" and "may automatically update or enable other features". That is, can employ new tricks to further make money out of you whenever it likes.
Again, there’s no "Decline" button, just a tiny word, but clicking it avoids installing the adware and moves you on.
- Change the rules
You’ve figured out the Basic/ Advanced installation trick.
You’ve spotted the tiny "Decline" text, and you’re looking for that.
So what now? They change the rules, giving you an entirely new "Express Install"/ "Custom install" choice in a different layout.
If you’re just scanning the page, looking for key elements -- checkboxes to clear, Decline links, anything you’ve seen before -- there’s a chance you’ll be fooled.
And even if you’re smarter than that, the installer hasn’t finished with you yet.
- Logic problems
Choose the "Custom Install" option and you’ll get a couple of checkboxes you can clear. Great.
But wait. There’s still only an "Accept" button, not a "Next", and at the bottom of the screen is a line that says "By clicking ‘Accept’ you confirm that you have read and agree to Super Optimizer SpaceSoundPro".
You might think, no, I don’t agree with it. That’s why I cleared the checkboxes. I want a "Next" button which takes me forward, without accepting anything at all. But there isn’t one, so you click "Accept" anyway.
- Scary alert A
The adware companies know that some users will be concerned at this point, which is probably why they try to throw them with a "scary" alert.
"You decided to remove the following products…", the dialog tells us, incorrectly: we’ve not installed them yet.
"This will affect your computer", it claims. How, exactly? That’s about the same level of honesty and truth we’d expect from a phishing email.
But at least it tells us we can "click OK to abort", right? So by "Abort" it’s going to mean stop the current process, either abort the installer entirely, or return us to the previous step. Yes?
Well, no, clicking "OK" doesn’t abort anything -- it actually causes the program to immediately install the two components from the final step, even though you said you didn’t want them.
- Scary alert B
Understandably, if you lose track of what’s happening at any point during this process you might simply click the close button on the installer window…
But even that isn’t entirely trouble-free.
The first issue is another scary warning asking if you really, really mean it, because this is "NOT RECOMMENDED".
This is only "not recommended" for them, of course -- it’s not even faintly a problem for you as the installer hasn’t done anything yet, and in fact, if you’re not sure what you’re doing, closing it is probably the best idea.
Although even if you do shut down the installer, it has one further small trick to play, opening a window in your default browser to display a web ad.
And the message is…
Don’t get complacent. Even if you think you know exactly what’s happening, read every word of every installation page before you click on something.
And because you’ll still mess up occasionally, have something like Malwarebytes Anti-Malware on hand for emergency cleanups.
Be careful out there.
Photo credit: Marcos Mesa Sam Wordley / Shutterstock
Aucun commentaire:
Enregistrer un commentaire