You can’t trust Google results for software downloads right now
vendredi 3 février 2023, 22:32 , par PC World
Not even a month ago, sharp-eyed Redditors noticed that searching for AMD graphics card drivers on Google served up a shady text ad as the first result. Our advice then (as now) was to be careful when looking for Radeon software, plus maintaining good search habits in general. Life’s far easier when you sidestep malware.
At the time, this incident seemed more of a one-off reason for heightened awareness. Even with the more recent report about Bitwarden suffering from a similar issue, using Google seemed mostly business as usual. Turns out though our threat alert should be set much higher—other major downloads like Adobe Reader, Microsoft Teams, OBS, Slack, and Gimp are being targeted, too.
As thoughtfully detailed by Ars Technica, the sharp rise in malvertising is a new phenomenon, stemming from Microsoft’s improved blocking of dangerous Word macros. When one field dried up, bad actors simply moved to another to farm. The trend is bad enough that security researchers have sounded the alarm—but so far, Google hasn’t squashed the issue yet, though the company commented to Ars that “addressing [the increase in malicious text ads] is a critical priority.” Until a proper fix goes live, that leaves everyone who uses Google search to fend for themselves in the meanwhile.
One of these links is not like the others.
So what can you do? The pat answer is “Don’t click on results labeled as ads,” of course. You can also always check the link address to verify its authenticity, plus scroll down the page to see if you spot a duplicate result. Currently, if you see a second link for the same site, that one is usually more trustworthy, since ads get placed right at the top of results. And as a final safety net, you can install an ad-blocker on your browser, like uBlock Origin. Sites you trust and want to support can get manually added to the extension’s approved list (which allows ads to show), while all others (including Google) will get screened.
None of these precautions are bulletproof on their lonesome, but added all together, you should be able to steer clear of most bad links. And when you do click on a search result? Don’t download and install anything until you’ve had a good look at the page. Make sure you scan any downloads with antivirus software
56 sources (32 en français)
jeu. 30 mars - 00:51 CEST