How to Recognize Fake Download Buttons and Links

Some advertisements are designed to look like download links, buttons, and pages. They are designed so intentionally, to get people to trust them and to click on them. Many websites still show such ads.

Ads that are disguised as download buttons often lead to harmful content, so it’s best to avoid them.

Fake "download" and "play now" buttons on a fake game pirating site.

What do fake download links look like?

There are a few types of fake download link ads:

  • Banner ads that look like download buttons.
  • Web pages that appear as pop-ups and show download links.
  • Search engine ads and results.

Fake download buttons

Fake download buttons say "Download Now", "PLay Now", "Start". "Continue".

Fake download buttons tend to be bright green and use words like “Start Here”, “Download Now”, and “Continue”.

Ads that look like download buttons are common on websites that host files and programs to be downloaded for free. Pirating and adjacent sites, URL shortener, mod sites, “free” movie and sports streaming sites often show these ads (Illegal football streaming sites are absolutely riddled with dangerous malware).

If you’re on a site to download something – a free program, a mod, a movie – then you expect to see a download link somewhere. This is why fake download buttons are such effective ads: they are easily mistaken for real links, which is why people click them.

If you’re curious why download sites allow such ads, it’s simple. Sites make money from ads, not from visitors downloading files.

Pop-up download pages

"Download Ready" ad that claims to lead to a streaming site.

Another variation of the fake download button is a pop-up ad (or new tab ad) like the one above. Ads like this open in new browser tabs seemingly spontaneously. Just like fake download buttons, these pop-ups tend to appear on websites for downloading files.

Some websites don’t show visible ads, but when you interact with them, they open a pop-up or pop-under advertisement. Occasionally, these ads feature download links. 

Pop-up download links promote browser hijackers like Cactus Search.

Another example of a pop-up download page is that of a notification hijacker.

Page says "Click allow to download".

Here, the page shows the text “to download the file, click ALLOW”. The page pretends to let visitors download a file – if they subscribe to the site’s notifications (which are later used to show advertisements).

Fake download links

Search for "creative Cloud", get "downloadmanagernow".

Misleading links appear in the results of various search engines. They may be regular results, or they may be advertisements like the one in the screenshot above. (DownloadManagerNow is a browser hijacker and has nothing to do with Adobe.)

Users who search for files and programs to download might see results that are intentionally misleading.

Below is an example where an advertising site is pretending to download an app.

Advertising site promises to let you install Zoom.

Another example is fake forum sites which often appear when searching for a book or a document template.

The fake download link problem is related to search engine result poisoning or SEO poisoning. This is where malicious websites are promoted to appear prominently in web search results.

Where do fake download links lead?

Fake download links and buttons are frustrating, they just waste people’s time. But what happens if you click them? What are they advertising?

Ads and adware

Browser hijackers – extensions that show ads in your browser. They are hiding behind the majority of fake download buttons. Most of the ads in the screenshots above are for hijackers. They are relatively harmless, although annoying.

Advertising, clickbait sites, notification hijackers. A lot of low-quality ads just open web pages with more ads. Not dangerous, just make sure not to click anything – these sites tend to advertise scams. (Wsoyourwi.fun)

Malware and scams

Phishing, subscription scams – websites that promise visitors to let them download a file if they sign up with their personal and payment info. Bad search results occasionally lead to such websites. Be careful, these sites can cause real harm. (Findpdf.me Scam)

Malware. Some fake download links download real, truly harmful malware. Spyware trojans that steal passwords, file-encrypting ransomware, and similar threats. If you download a file and it looks strange and has some unexpected features (file size or type), scan it with an antivirus program or delete it. (Gootloader Fake Forums, Adrozek Adware)

How to avoid fake download links

Fake download buttons, pages, and links can be dangerous, so how do you avoid clicking on them?

When you’re looking to download software, use the developer’s official site. You won’t find a better source than that. Free software download sites are unreliable (Yes, Every Freeware Download Site is Serving Crapware (Here’s the Proof)), pirating sites are outright dangerous.

When you visit risky websites, use ad blockers to remove many malicious ads and links (here’s an article recommending a few – The best ad blockers in 2021).

Protect your device with an anti-malware program. A few that we like are Spyhunter for Mac, Combo Cleaner for Mac, Spyhunter for Windows, and Malwarebytes for almost any device out there. If you accidentally download something nasty, the anti-malware tool will warn you. Just never disable your security program and never make exceptions for unknown files.

Most importantly, be careful and patient. If you are unsure about something, ask for advice online on community support forums.

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Posts

Security Guides

Recent Comments