Defensive Downloading – The Basics

malware 5BitDefender is currently warning,  on its Malware City site, of a fake Stuxnet removal tool which, once downloaded and installed, will wipe out the contents of the victim’s Hard Drive.

As we’ve pointed out here many times in the past – if it’s in the news, you can be sure cyber criminals are exploiting it to their advantage. So we shouldn’t be too surprised, that cyber criminals have been very successful in hijacking searches related to the Stuxnet worm.

Unfortunately, following hijacked links is the common behavior of a large percentage of unaware, undereducated, and less security conscious computer users. Is it any wonder the cyber criminals are winning the game?

At the risk of sounding insensitive it’s fair to say, that users who get victimized by the type of scheme described above, end up that way because they behave like victims.

It’s beyond dispute that download sites are not all equal and as a result, downloading can be extremely risky, especially for unaware users. It’s frustrating to realize that so many users lack this basic knowledge.

Download basics are just that – basic:

Download ONLY from well established sites, or sites that are known to you.

Preferably, download from the developer’s official site.

Regardless of origin, scan all downloads with 2 or more, security applications.

Install a Browser security add-on such as WOT, which  investigates web sites for spyware, spam, viruses, browser exploits, phishing, and online scams.

Since “trusted” websites, are not always to be trusted, consider installing an additional layer of security by substituting your ISP provided DNS service, with a more secure alternative such as ClearCloud.

Despite the best precautions, it is still possible to become infected – so, make regular backups of critical data. If you become infected this may be your only solution.

Finally, don’t store critical data on the system partition.

Regular readers will know, that virtually all downloads recommended here, are hosted on CNET’s (, site. There is good reason for this – CNET scrupulously audits hosted downloads, to ensure they are not contaminated by malware.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Filed under BitDefender, Browser add-ons, cybercrime, Don't Get Scammed, Don't Get Hacked, downloads, Firefox Add-ons, Freeware, Internet Safety Tools, Malware Advisories, Recommended Web Sites, Safe Surfing, Software, Windows Tips and Tools, WOT (Web of Trust)

5 responses to “Defensive Downloading – The Basics

  1. Mal

    Hey Bill,

    You are totally right, one should only download from a site like CNET. Too many people I know do a google search for a program they want, and click the first link in the results, download the file and think all is well. There are only two sites I trust to download from, and even then, I still scan with two security apps after download.

    Fortunately, I have never had to deal with a rogue security app, or a hoax one. Hope I never do, it sounds like a real pain in the ass.


    • Hey Mal,

      Well, you’ve definitely located the right place – it would definitely be a pain in the ass. lol

      I know that you recommend FileHippo as a safe secure download site, and I have to agree – it’s a terrific site.



  2. Just yesterday a non-techie did a Google search for Firefox after I suggested they use it. They didn’t know that the “official” site is Mozilla and probably downloaded it from somewhere else and got an error, for which they called me.

    Bing and Yahoo search return what appear to be scam sites first and in ads when you search for “firefox”. Google, however, has made an exception for searches for “firefox” – no ads and no scam sites either, Mozilla is top of the list.

  3. Pingback: Some Really Good Security Advice for the Everyday Computer User from Paul, Paul and Bill « What's On My PC