Follow the Link and You “Takes Your Chances”

image Regular readers on this site are aware, that virtually all downloads I recommend, are linked to CNET (

There is good reason for this – CNET scrupulously audits hosted downloads and linked sites, to ensure they are not contaminated by malware.

But links on Blogs can be a special problem for surfers – particularly links contained in comments. Don’t get me wrong –  comments are an important part of the blogging mix.

Amongst other things, comments can spark discussion (always a good thing), allow a reader to present his/her point of view, share tech wisdom, or spread the word on a unique piece of software.

But, Blog comments are not without their share of issues; with comment Spam (some containing malicious links), being the leading problem.

Spam is virtually everywhere on the Internet. In your inbox, on Twitter and Facebook, and other social networks, and so it’s not surprising that you’ll find Spam Blog comments.

WordPress, on which this Blog is hosted, has a Spam plug-in filter, Akismet, which does a good job of catching comment spam. Akismet automatically analyzes comments and flags for review, those it considers Spam.

On this Blog, Akismet routinely captures about 90% of spam comments, according to my blog stats. In real number terms, Akismet has captured in excess of 60,000 spam comments here, in the past two years. But what about the other 10%? – some of which will contain malicious links?

As a matter of policy, I test every allowed link included in a comment, for safety.

Regretfully, there are Bloggers who are fairly complacent and who rely only on a Spam filter to do this job. In doing so, they miss the reality: Spam filters can often miss comment spam, some of which are highly dangerous.

While comment Spam is a pain for the Blogger, a reader who follows a link in a malicious Blog comment, which leads to a malware site, is in for a very painful experience.

Here’s a case in point – any time I write on registry cleaners I can expect the following comment, (shown in the following screen capture), or one like it, to show up.

This comment included a link, to a free application, which supposedly is superior to the free application I recommended in the article.

Spam Comment

The comment itself looks harmless, but if I’d allowed this comment to be posted (and I’ve seen this comment published many times over, on many other sites), a reader who followed the link would have become infected simply by visiting the site.

Don’t think that this is an unusual set of circumstances – it’s not. On an average day, here on Tech Thoughts, 10 or more comments (thankfully picked up by Akismet), contain malicious, or dangerous links.

Some advice:

Be cautious when following links contained in comments on any web site – not just Blogs.

Be particularly cautious of comments, on any web site, where the writer is describing a problem with recommended software and offers a link to alternative software.  This is a favorite technique employed by cyber-criminals. All software reviewed on this site, for example, has been thoroughly tested, by me, for usability. If a reader has a problem with recommended software, it’s generally a machine specific problem.

Be cautious when following any link contained in any web page. Recent reports indicate there are 5.8 million individual web pages infected across 640,000 compromised websites. Cyber-criminals are finding it easier than ever to inject malicious content into legitimate sites.

Since the majority of infected sites are infected with Java based scripts, consider using Firefox with the NoScript add-on. NoScript offers superior protection.

Install an Internet Browser add-on that provides protection against questionable, or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/Firefox add-on, that offers substantial protection against questionable, or unsafe websites.

Use Norton DNS as an added safety precaution.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Filed under Anti-Malware Tools, Browser add-ons, cybercrime, Don't Get Scammed, Don't Get Hacked, downloads, Firefox Add-ons, Freeware, Internet Explorer Add-ons, Internet Safety Tools, Internet Security Alerts, Online Safety, Safe Surfing, Software, spam, Windows Tips and Tools, WOT (Web of Trust)

15 responses to “Follow the Link and You “Takes Your Chances”

  1. Dave Curtis

    Thanks Bill. I really like Norton DNS. As always your web site is a wealth of knowledge. Appreciate it very much. All my friends now hit your page and they have learned like myself, so much. Dave.

    • Thank you Dave.

      Always glad to see you drop by; and now your friends. Might have to hire you as my agent. 🙂

      Glad to hear you installed Norton DNS. Just a little more security, but it’s all important.


  2. Mal

    Hey Bill,

    If I ever see a link to download software, I first head to CNET to see if it listed there, to see its rating, and download it from there etc. Like you said, they srupulously check everything they host. If they don’t have it, then File Hippo is my second choice, I have used this site for years and it is safe, plus it has the added benefit of having prior versions of software, going back years in some cases, should you need it. (Probably for those poor sods still using Windows 98, they still exist apparently). Only after that, if I can’t find what I want on either of these two, will I download from the manufacturers site.


  3. Liam O' Moulain

    Great info as usual Bill.


  4. Bill,
    Good stuff, very helpful. I’m taking notes.

    • Hi Paul,

      As a long time IT professional, you are more than aware that cyber criminals look for every opportunity to ply their trade. Infecting comments, is just one more tool in their bag of tricks.

      Always good to see you here.



  5. Hey Bill,

    What do you recommend to use to check links out to make sure they are not bad links, that get posted on a blog?



    • Hey Tex,

      There are loads of browser add-ons that purport to do just that. The one I have used for a number of years is WOT . Since it is “community driven”, I find it the most reliable.

      For the “naysayers” out there who will read this comment – I have been involved in Internet security for more than 20 years, so I am well aware that no application is perfect.



  6. What is and how do you use Word press?

  7. Ranjan

    “As a matter of policy, I test every allowed link included in a comment, for safety.”
    So committed you’re for your fellow visitors’s safety.. I appreciate that.

    Thanks Bill.

  8. Pingback: Norton DNS Can Save Your Butt! « Bill Mullins' Weblog – Tech Thoughts