One simple trip into teh interwebz (sic) to download a piece of software gave me a very quick trip into several attempts to get me to unwittingly download software I did not want.

While trying to download an image editor popular with IT users, I got several pop-ups trying to lure me into downloading… something. It became quite obvious how less suspicious users can be misled into downloading something they really did not mean to install.
The virtues of well-regarded ad-blocker “browser extensions” also became quite apparent.

Below you can see my visit to the Greenshot webpage. Look at the shiny green button to “Download”. WAIT. That downloads “Wave Browser”, NOT Greenshot. The window surrounding the obvious download section is an ad (as indicated by the red arrow)!!

The real download button is lower on the page. If I hadn’t been paying attention, I may have merrily pushed the green button and wound up with a real pain in the butt browser extension installed on my computer.

Having dodged the bullet, and looking away for a second to see who’s in the hall, I look back and see…WAIT WHAT?

Another ad, superimposed on the page. If I hadn’t looked closely at the text to see the tiny “ad”, what would I have downloaded? I’m 99% sure it would not have been Greenshot.

Do these misleading popups happen in a browser that’s running a respected “ad-blocker” software? Take a look. No suspicious pop-up ads to mislead me into downloading something suspicious. Score a win for ad-blockers. Take a look at UBlock Origin (https://ublockorigin.com/) to increase your organization’s safety. It’s free, your IT staff or guru can add it easily and there’s minimal friction for the users (though it may sometimes give warnings for sites that are actually ok and block some website functions making them misbehave).