Fake MH17 Video Page Leads to Bloatware

A fake Malaysian Airlines missile disaster page has been added to the growing collection of scams surrounding the tragedy of the 777, which was downed over Ukraine in late July. This one offers non-existent video footage that, when clicked, takes the user to various potentially unwanted programs (PUPs).

Malware intelligence analyst Chris Boyd noted that clicking the supposed clip and performing the “share this video on Facebook to watch it” steps took him to various PUP installs.

While not specifically malicious, PUPs are still something to stay away from. These are the additional software applications that often get installed along with purchased or actually desired software. Sometimes called bloatware, these programs can be anything from “file management” helpers to “download accelerators” to, in some cases, full-on malware. In all cases they are software that the user didn’t originally go looking for, and each install earns the software bundler a commission.

“Not long ago, these shady bundling practices came up in a discussion I was having with a friend,” said Malwarebytes researcher Jean Taggart in another post. “I am a firm believer in patching the end-user and my friend needed help installing a program. This particular application was only available as part of a bundled package. I carefully explained how to navigate through the numerous menus of the installer, unselecting this and unchecking that. This was a tedious process that proved to be quite tricky.”

The byzantine menu selections are not the result of bad UI design, but are in fact very carefully and deliberately built, using in-depth knowledge of human psychology, Taggart explained.

“It is a completely intentional and deliberate decision on the part of the PUP peddling companies to have giant green ‘download’ buttons peppered throughout the download page, although only one of these points to the actual desired software,” the researcher noted. “This is done in order to generate additional downloads that rely on a user mistakenly pressing the wrong download link.”

Using double negatives, pre-populating checkboxes and hiding the true purpose of programs in exceedingly long EULAs are all well-worn techniques geared to trick the user into inadvertently opting in to unwanted software. And a certain percentage of those users won’t bother uninstalling it. All of these techniques are used as part of a numbers game.

“I realize that there is a need to monetize, but this should never be achieved at the expense of all morals and ethics,” Taggart said. “You have to ask yourself, do you trust a company to have your best interests at heart, when they have a team of UI designers perform endless split tests to ensure that the interface you use is optimally designed to trick you into doing something you wouldn’t do of your own volition?”

For his part, Boyd noted, “These types of incredibly distasteful scam pages will be with us for a while yet. Don’t fall for it.”
