Some advertisements are designed to look like download links, buttons, and pages. They are designed so intentionally, to get people to trust them and to click on them. Many websites still show such ads.
Ads that are disguised as download buttons often lead to harmful content, so it’s best to avoid them.
What do fake download links look like?
There are a few types of fake download link ads:
- Banner ads that look like download buttons.
- Web pages that appear as pop-ups and show download links.
- Search engine ads and results.
Fake download buttons
Fake download buttons tend to be bright green and use words like “Start Here”, “Download Now”, and “Continue”.
Ads that look like download buttons are common on websites that host files and programs to be downloaded for free. Pirating and adjacent sites, URL shorteners, mod sites, “free” movie and sports streaming sites often show these ads (Illegal football streaming sites are absolutely riddled with dangerous malware).
If you’re on a site to download something – a free program, a mod, a movie – then you expect to see a download link somewhere. This is why fake download buttons are such effective ads: they are easily mistaken for real links, which is why people click them.
If you’re curious why download sites allow such ads, it’s simple. Sites make money from ads, not from visitors downloading files.
Pop-up download pages
Another variation of the fake download button is a pop-up/new tab ad like the one above. Ads like this open in new browser tabs seemingly spontaneously.
Just like fake download buttons, these pop-ups tend to appear on websites for downloading files – sites where you would expect to see a download link.
Some websites don’t show visible ads, but when you interact with them, they open a pop-up or pop-under advertisement. Occasionally, these ads feature download links.
The example above is a whlte label ad used by lots of dubious apps. Specifically, it’s advertising Cactus Search – a browser hijacker.
Another example of a pop-up download page is that of a notification hijacker:
Here, the page shows the text “to download the file, click ALLOW”.
The page pretends to let visitors download a file, but only if they subscribe to the site’s notifications. Then, the site shows advertisements in the browser.
Fake download links
Users who use search engines to look for files and programs to download might see results that are intentionally misleading.
Above is an advertisement displayed by a custom search engine. The query is “creative cloud” and the ad says “Download Now Free”. The ad is for DownloadManagerNow, a browser hijacker that has nothing to do with “creative cloud”.
Below is an example where an advertisement is pretending to be a download link for an app (Zoom).
Misleading ads like the one above show up in the results of various search engines. They may be ads, or they may be regular results.
When searching for a book or a document template, links to fake forum sites might appear in search results.
The fake download link problem is related to search engine result poisoning or SEO poisoning. This is where malicious websites are promoted to appear prominently in web search results.
Where do fake download links lead?
Fake download links and buttons are frustrating, they just waste people’s time. But what happens if you click them? What are they advertising?
Ads and adware
Browser hijackers – extensions that show ads in your browser. They are hiding behind the majority of fake download buttons. Most of the ads in the screenshots above are for hijackers. They are relatively harmless, although annoying.
Advertising, clickbait sites, notification hijackers. A lot of low-quality ads just open web pages with more ads. Not dangerous, just make sure not to click anything – these sites tend to advertise scams. (Wsoyourwi.fun)
Malware and scams
Phishing, subscription scams – websites that promise visitors to let them download a file if they sign up with their personal and payment info. Bad search results occasionally lead to such websites. Be careful, these sites can cause real harm. (Findpdf.me Scam)
Malware. Some fake download links download real, truly harmful malware. Spyware trojans that steal passwords, file-encrypting ransomware, and similar threats. If you download a file and it looks strange and has some unexpected features (file size or type), scan it with an antivirus program or delete it. (Gootloader Fake Forums, Adrozek Adware)
How to avoid fake download links
Fake download buttons, pages, and links can be dangerous, so how do you avoid clicking on them?
When you’re looking to download software, use the developer’s official site. You won’t find a better source than that. Free software download sites are unreliable (Yes, Every Freeware Download Site is Serving Crapware (Here’s the Proof)), pirating sites are outright dangerous.
When you visit risky websites, use ad blockers to remove many malicious ads and links (here’s an article recommending a few – The best ad blockers in 2021).
Protect your device with an anti-malware program. A few that we like are Spyhunter for Mac, Combo Cleaner for Mac, Spyhunter for Windows, and Malwarebytes for almost any device out there. If you accidentally download something nasty, the anti-malware tool will warn you. Just never disable your security program and never make exceptions for unknown files.
Most importantly, be careful and patient. If you are unsure about something, ask for advice online on community support forums.
