There are many ways criminals can infect your devices. A standard method is phishing attacks, when you are sent a fake email or text message with a link. Once you click the link and log in, the scammer captures your details. Another popular way is through rogue software.
Earlier this month, criminals mailed infected USB drives to various people disguised as legitimate Microsoft software. While the newer delivery method differs, the use of fake software to steal your data is not unique.
Read on to see why you should be careful when downloading Adobe Acrobat files.
Here’s the backstory
Criminals are constantly jumping on the bandwagon of popular trends. For example, when cryptocurrencies went mainstream, the Google Play Store saw an increase in fake crypto wallets. They did nothing but steal your funds.
But official app stores aren’t the only place people find malware-infested programs. People have searched the web for pirated things like movies, music, and software for years. Sites that claim to offer free versions of popular programs are notorious for harboring malware.
Lately, those malicious sites have seen an increase in Google search results. Going by the delicious name “SEO poisoning,” scammers place fake links as high as possible in Google search results.
A new malware campaign targets people looking to download Adobe Acrobat Pro and 7-Data Recovery Suite for free via illegal file hosting websites.
Cybersecurity firm Zscaler said criminals embed data stealers in illegal software. This malware can steal passwords stored on your device and payment information and take screenshots.
The company found malware in the following programs:
- Adobe Acrobat Pro.
- 3D mark.
- 3DVista Pro virtual tour.
- 7-Data recovery package.
- MAGIX SoundForce Pro.
- Wondershare Dr Fone.
If you pay for legitimate versions of programs, you can avoid malware. But when cybercriminals host pirated versions that you’re looking to get for free, all bets are off.
What can you do about it
Getting malicious sites to appear at the top of Google search results is a boon to criminals. The link you click will not only take you to a spoofed site but will also redirect you to many others and ultimately infect your device with malware.
“The redirect sites that deliver the malicious files have less fancy names and are found under the “XYZ” and “CFD” top-level domains, Zscaler explains in a blog post.
You can do a few things to stay safe online, starting with never downloading software from sites that offer pirated content. Pirated software is illegal and the site is often malicious and will infect your device with malware. Here are some ways to stay protected.
- Always download apps and software from official sources like Google Play Store and Apple App Store. Unfortunately, third-party libraries don’t have the security protections that official stores provide.
- Make sure your computer’s operating system and antivirus software are on the latest version to detect any harmful activity.
- Do not open or click on links or attachments in unsolicited emails or text messages.
Always have a reputable antivirus program up to date and running on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan with TotalAV for just $19 at ProtectWithKim.com. That’s over 85% off the regular price!
Beware: This Fake DocuSign Site Could Steal Your Personal Data
These bank suspension alerts are fake: don’t be fooled by them