Donna Fontenot

Blog

Google Profits From Malware

Google Profits From Malware

I tried to stir some interest for this topic in someone with more authority and more followers than I have, but haven’t yet been successful, so I decided to put out this rant myself. Hopefully, someone more important than I will take up the cause and stop the madness. Check out my screencast below, and please excuse the fact that it’s not the most high-quality screencast you’ll ever see. I think this is probably the second one I’ve done in the last 10 years, so I’m not exactly an expert on creating them. :)

TRANSCRIPTION:

Hi everyone, Donna Fontenot here of donnafontenot.com. It’s been a long time since I’ve publicly ranted, and while this rant may not seem related to the kinds of things I normally post, it actually is, and hopefully how it is related will eventually become clear.

I’ve had it up to here with malware, folks, and more specifically I’m extremely tired of dealing with one particular form of it. We’ve all experienced this or know someone who has. It’s the big green or sometimes blue download buttons that users mistakenly click on download sites, instead of the real download link for software. Those download buttons fool nearly everyone at least once, and they still fool me once in a blue moon, even though I’m extremely cautious about what I’m clicking on. It’s rare for me to be fooled these days, but it has happened. These buttons are fake download buttons – in fact they aren’t even buttons. They’re ads that usually cause people to download all sorts of malware, spyware and adware. Often 5 or 10 of these with one click.

Granted, they usually have some sort of disclosure letting the user know what they are installing, but it’s all just part of the normal legalese that users always ignore. Let’s face it, your sister, cousin, nephew, friend, grandma, or uncle who is just an average everyday user, doesn’t know what to look for – even if you’ve told them several times. They’ll just happily click Next Next Next, install and BOOM – malicious software runs rampant on their systems now.

So let’s take a look at some download sites to get a good view of what I’m talking about. I went to a few of the sites listed on the first page of the Google search results when searching for [download software]. Once there, I decided to look at the download pages for a common free software called CCleaner. I used this particular example simply because I recently needed to download it, but any other example would work just as well.

So let’s start with CNET’s download.com site, which is certainly one of the most common places that people go to download software. What do we see? The first thing we see or it’s the first thing I see right at the top of the page… a big old Start Download…giant green Free Download button with a little down arrow. Looks like what you should click, right? Wait, here’s another one. Start Download… a green download button that says Free Download with an arrow… looks right to me. And in a slightly smaller area, right here, says Download Now, “CNET secure download” with a sort of funny looking down arrow. Which one of these will actually download CCleaner? It’s this one – probably the last one someone would actually click in order to download.

This one is an ad. This one is an ad.

And you want to know who actually supplies these ads? We’ll hold off on that for a moment. I’ll let you know in a few.

So let’s continue on. That was CNET’s download.com. Let’s check out filehippo.com. Once again, we’re looking at the CCleaner download page on filehippo.com. What do we see? A big green button, another big green button, oh look, here’s another green button that all say Download or Start Download. Guess what? None of those have anything to do with downloading CCleaner. This much smaller button… it’s green…it’s much smaller… says Download Latest version. That’s the correct one. All three of these are the incorrect ones.

Okay, now let’s look at the next download site, Softpedia. Again we’re on the CCleaner page and we see a big giant green download button and we see a much smaller blue download button. Which one is the correct one? This one. Not this one.

Moving on to ZDnet’s CCleaner download page, and in this case we see a gold Download Now button, another gold download button and a red download button. In this case, it’s not quite as bad..the red download button is big and probably in a good place for it to be, but still we have these other download buttons here that have nothing to do with downloading CCleaner.

All right, let’s move on. Now we’re on SourceForge. Hey, surely SourceForge doesn’t have this problem, does it? Well, as a matter of fact, it does. Once again, giant Start Download button… not the right one. We do have one DOWNLOAD button here. It’s green but it’s small and not nearly as noticeable as the Start Download button. So once again, even SourceForge has this problem.

So let’s answer that question: who is supplying these ads?, that are fake download buttons that install malware, spyware, adware and unwanted programs on unsuspecting users’ computers… who supplies these ads? Google. Yes Google, and they’ve done it for years and years and years and they keep on doing it. Now should we be concerned about that? Should we be mad at Google? Well, I don’t know but let’s see.

Since 2009 at least, or probably before that, Google has banned AdWords advertisers right and left for various reasons. You can see it here. In this particular case, Google banned ads for a very simple infraction. The advertisers violated their landing page quality guidelines. They just violated a few guidelines… not the greatest thing to do, but I mean, it’s not really harming anyone very much.

Okay so let’s look at some other tactics that Google later in 2011 says will put you at risk of being banned from AdWords.

  • An arbitrage site with too many ads
  • Rebilling nightmares where you end up spending more money than you thought you’d spend because a company will bill you monthly without you knowing that’s gonna happen.
  • Free offers that aren’t truly free
  • Jump pages, bridge pages, thin pages
  • Double, triple, or quadruple ad serving
  • Cloaking

Okay? So more ads as of 2011 being banned from Google because of these problems. We’re up to 2012. Suddenly, they get in trouble because lawmakers think that they’re selling ads related to human trafficking. Okay, that’s pretty bad.

2012: Google cracks down and bans weapons related listings from Google Shopping. It’s not exactly AdWords ads, but it’s a similar kind of thing.

And here, now we finally get to something having to do with malware. Now this is not in the ads. Google is now as of 2013, April 11th, Google was cracking down on malware listings in the organic search results. Not ads, but in the organic listings.

So if Google’s gonna crack down on keeping malware out of the search results, why wouldn’t they crack down on keeping malware out of their ads? Hmm, let’s see… who makes money off of these malware ads? Two people. People who are showing the ads, people who want you to download these malware products…And the other person who makes money off of these ads? Well of course it’s Google. Google’s making money off of these ads and they’ve been doing it for years and years and years.

Google knows about these malware download ads. Every time they go to the sites, they experience it. These are computer users. They know about it, and yet years and years and years later, they are still making a ton of money off of these ads and users are getting malware on the sites day after day after day.

Now some of these companies will say “well I don’t really have malware in these ads”. So Macafee came up with a new term for it called PUP – potentially unwanted program. It’s a program that may be unwanted despite the possibility that users consented to download it. PUPs include spyware, adware, and dialers, and are often downloaded in conjunction with a program that the user wants. In other words, yeah, the users are sort of agreeing to download this and install this stuff, but they don’t know what they’re doing. They don’t know what they’re installing. They are being tricked and fooled by these fake ads.

So that’s my rant for the day. I’m really sick and tired of still seeing these fake big green button download ads that Google is supplying on these download sites. If you’re sick of them too, let them know. I’m just a little person, and I don’t have a big voice, a big following. I really wish someone major would put this out there and force Google’s hand on this. Help me do that. Thanks for listening. End of rant. Have a great day.

Donna Fontenot, here, signing off. Bye-bye.

Posted in: General

Leave a Comment (0) →

Leave a Comment