There are plenty of ways that criminals can infect your devices. One standard method is phishing attacks, when they send you a bogus email or text message with a link. Once you click the link and sign in, the scammer captures your details. Another popular way is through fraudulent software.
Earlier this month, criminals mailed infected USB drives to several people disguised as legitimate Microsoft software. While the newest delivery method differs, using fake software to steal your details isn’t unique.
Read on to see why you must be careful when downloading Adobe Acrobat files.
Here’s the backstory
Criminals are constantly bandwagoning popular trends. For example, when cryptocurrencies became widespread, the Google Play Store saw an increase in fake crypto wallets. These did nothing but steal your funds.
But official app stores aren’t the only place people find malware-infested programs. People have searched the web for pirated things like movies, music and software for years. Sites claiming to offer free versions of popular programs are famous for hosting malware.
Lately, those malicious sites have seen a boost in Google Search results. With the delightful name of “SEO poisoning,” scammers push fake links as high up on Google Search results as possible.
A new malware campaign targets people looking to download Adobe Acrobat Pro and 7-Data Recovery Suite for free through illegal file hosting websites.
Cybersecurity company Zscaler said criminals embed infostealers into illegal software. This malware can steal passwords stored on your device and payment information and take screenshots.
The company found malware in the following programs:
- Adobe Acrobat Pro.
- 3DVista Virtual Tour Pro.
- 7-Data Recovery Suite.
- MAGIX Sound Force Pro.
- Wondershare Dr. Fone.
If you pay for legitimate versions of programs, you can avoid malware. But when cybercriminals host pirated versions that you are looking to get for free, all bets are off.
What you can do about it
Getting malicious sites to appear high on Google Search results is a boon for criminals. Not only does the link you click go to a spoofed site, but it’ll also most likely redirect you to many others and ultimately infect your device with malware.
“The redirection sites which deliver the malicious files have less fancy names and stand on “XYZ” and “CFD” top-level domains,” Zscaler explains in a blog post.
You can do a few things to stay safe online, starting with never downloading software from sites that offer pirated content. Pirated software is illegal, and the site is often malicious and will infect your device with malware. Here are some ways to stay protected.
- Always download apps and software from official sources like the Google Play Store and Apple’s App Store. Unfortunately, third-party libraries don’t have the security protections provided by official stores.
- Ensure that your computer’s operating system and antivirus software is on the latest version to catch any harmful activity.
- Don’t open or click links or attachments in unsolicited emails or text messages.
Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan with TotalAV for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!
Watch out – This fake DocuSign site could steal your personal details