Free Software: Costly Malware

Earlier this year, the Federal Bureau of Investigation issued a stark warning about an increasingly recurring scam involving free online document converter tools and encouraged victims to report such scams.

To perform this scheme, hackers use any type of free file converter or downloader tool. This might be a website claiming to convert one type of file to another, for instance a DOCX or XLSX document to a PDF file. It might also claim to combine files, joining multiple PNG files into one PDF file.

Free tools, such as PDF readers and file converters, should be avoided because you may end up installing potential adware, or straight-up malware that can take over your workstation or your network.

Victims may not realize they have been infected by malware until it is too late, when their device is either infected with ransomware or their identity has been stolen.

Free Software Is Usually Not Free

Any free software should be a red flag.

Simply put, what they are getting is the opportunity to plant hidden software on your device or to use your network for their benefit.

Some makers of free software are just in it to destroy or defraud. They plant malware on your workstation and possibly your whole network.

Other providers are in it to make use of your resources for their benefit. These pieces of software install hidden code on the targeted device, slowing it down. At this point, hackers can use your device making it part of a bot network, giving the perpetrator access to your workstation’s processing capability and to your network.

There is another category of product developers who are in it for the information they can steal and use to make money. This type of software hacks into your company’s database and extracts sensitive information. Such data is then used for identity theft, targeted marketing, exploiting vulnerabilities, etc.

The User’s Perspective

Will the user benefit in any way? Probably not. A smart hacker will develop a package that serves a need, so you won’t realize you have a problem for a while.

For however long the hidden software remains undetected, cybercriminals will use your workstation and network for their own interests.

This type of product promises to serve a need but once installed it promptly loads malware taking down your workstation and network.

If you have a software need, don’t just look for free software. Find a legitimate developer and start a trial, as it will do the job better and most importantly, in a secure way.

If the software meets your needs, then pay for it and use it in a secure manner.

Free software is not free if it comes from an internet ad. It will cost you plenty in case you have to repair the damage it causes.

Conclusion

Free software is risky. It can be one of the most dangerous things you will run into while operating your business as it can cause downtime, potential loss of data, compliance penalties, etc.

Therefore, it would be best for users to submit a ticket to their IT support provider if they need a specific file reader or conversion tool versus randomly searching on the internet and stumbling on malware. Most times MSPs already have such programs, or they can start the process of acquiring the software their customers need.

For a professional cybersecurity assessment, please reach out to StratusPointIT. Keeping your enterprise, your people, and your data safe is our focus.