Here are some simple tips to follow when downloading a file from the web and fearing it may contain malware.
The development of the internet and all the dangers it hides, gives you a good chance to find yourself in front of a malicious website or a file full of viruses.
Downloading such malicious files and software, with which viruses come as uninvited guests to computer your, is a common way for criminals to track, extort, and illegally manipulate your machine.
The most experienced users of course know the pitfalls and always have their eyes open. Maybe they have even pressed it once, that is, they have gained experience in the difficult way and find the following boring. New users, however, not having the experience should not underestimate the cunning and thirst for money of would-be intruders.
Let's look at what you should check each time you download files to make sure they are safe and free of malware.
1. Search for Official Sources
When downloading any file or software, you should first find it in the official sources. There is no risk of malware entering your computer when you download files from there. Therefore, download files only from trusted sites and avoid downloading anything from third-party sources.
An example of this is to download the free program Adobe Reader from the Adobe website and not freeapp4you.com for example.
However, if you can not find the file in the official source, you can contact third parties. When you do this, there are some checks you need to make to ensure that the files are safe to download. Some of these controls are listed below.
In case you want to download illegal material (which we do not recommend) there things are very complicated and all the following does not apply. Websites that distribute illegal material (movies, music, programs, etc.) are in fact illegal and potential hiding places for criminals.
2. Check the site's SSL Certificate
Avoid visiting a site that does not have an SSL certificate to avoid the risk of compromising your security. An SSL certificate establishes a secure, encrypted connection between your browser and the web server where your site is hosted.
The URLs of SSL-enabled websites usually start with HTTPS instead of HTTP. Additionally, you will see the padlock icon just before the URL, further confirming that your browser's link to the site is encrypted.
By clicking on the padlock, you can verify the validity of the certificate. If a site does not have an SSL certificate installed, "Not Secure" will often appear instead of a padlock, and the URL will probably start with HTTP rather than HTTPS. Therefore, avoid downloading files from such sites without SSL installed.
3. Check Domain.TLD
Don't let scammers trick you with TLDs. A TLD is the part of a website's name that comes at the end, usually separated by a period from the main one name domain. The most common TLDs are .COM, .ORG, .NET and .GR for Greece.
Hackers often enter the same domain name as the official website with a different TLD domain. For example, you could be in front of Microsoft.tech instead of Microsoft.com. People fall into the traps of fraudsters when they rush and pass it without carefully reading the domain name, as it is close to normal.
Respectively the same happens with domain name. Another alpha.gr and another aplha_bank.biz. Therefore, always watch the domain along with the TLD domain when downloading files from official sources.
4. Check the age of the Domain
If a site has an SSL certificate and a seemingly valid TLD, but you have never heard of it, and you are still reluctant to download files from it, it is best to check the age of its domain name (domain.tld).
Scammers manage relatively new websites, so you should stay away from them. Instead, you can download your files if the site has been running for many years.
There are hundreds of tools available to control the age of the domain, but the WHOIS it is the best. Displays the exact domain registration date, when it was last updated, and when it will expire. Therefore, before downloading a file from a suspicious site, you should always check how old its name is.
5. Look for site reviews
To find out what others think about the site from which you plan to download a file, go to forums and check out sites.
The best way to find them is to type allintitle: site_name in the Google search bar and press Enter. Ranked sites and forum pages where people talk about the site will appear in search results for you to explore further.
What is Allintitle? Allintitle is essentially one Google search operator which allows you to restrict search engine results to pages that have the specific keyword that you have selected.
Alternatively, you can directly search for reviews of the site you are interested in by typing in the Google search the name of the site and the word “review” or “criticism”. You may stumble upon the sources to verify the authenticity and reliability of this site. Keep your distance from anything that sounds suspicious.
6. Scan the download link with an Online Scanner Tool
Another smart way to make sure suspicious files are virus-free is to analyze the download link before clicking the download button.
There are many virus scanning tools available online that you can use to scan files. VirusTotal is the most recommended.
Go to the webpage where you intend to download the file, right-click the download button and select Copy Link Address. To start the analysis, go to the official VirusTotal website, paste the URL in the URL search bar and click on the search icon.
When VirusTotal finds problems in a file, it is best to avoid it.
7. Watch the file extension
You can also get rid of malware by looking at the file extension before opening the file, after downloading. Make sure the file type you downloaded has the correct extension. For example, an image file would use JPEG, PNG or another popular image format and in no case should it be .EXE or .COM.
Similarly, almost all file types have their own extensions. Therefore, if your file extension seems strange, it is best to check if there is such an extension for that file type.
.EXE is among the dangerous file extensions that you must not run. Also, avoid downloading compressed files with .ZIP or .RAR extensions from unknown sources.
Always keep your Antivirus active when downloading files online
Following the steps above will ensure that the files are safe to download before downloading. However, although they are very good tips they are not a panacea and you can download malicious files without knowing it.
Therefore, to keep your computer free of viruses, keep your antivirus running at all times with the last line of defense.
While Windows users can based on Microsoft Defender To alleviate their security concerns, Linux and Mac users, although they trust their operating systems to protect their data, should install a free antivirus program as an additional level of protection.
Download files securely from the internet
The tips covered above will help you filter out malicious files and block all possible virus hotspots.
If you are still hesitant to download files, you can create a sandbox which acts as an isolated test environment for surfing a malicious site and executing potentially harmful files after download.
