Downloading is one of the most common activities on the Internet. But why are so many people offering downloadable material for free or at a nominal price? Some might be providing the service as they genuinely want to popularise the content, others might be looking for making money by placing ads on the website. However, a sizable chunk of those who are providing the facility of downloading files are those who harbour the ulterior motive of peddling malware and spyware.
Here are some precautions that you can take while downloading files:
Download only trusted software
While downloading software or any other file, you must ensure that you trust the vendor. There is no dearth of companies that have established their reputation over time. Also you must try to download software from the official website of the vendor. For instance, if you want to download Mozilla browser, then go to Mozilla website rather than downloading from third party vendor. If you download from a third party, then you run the risk of getting files that have subsequent additions to them.
Download from reputed download sites
In case of little known software, it is possible that the vendor might not be having his own website. In that case you have to download from reputed download sites. Some of the reputed download sites in the Internet include names like download.com, tucows.com, pcworld.com and others. Normally such websites are expected to check the software that gets uploaded on them for viruses, spyware, etc and hence downloads from here are relatively safer.
Always void auto-downloads
There are a number of malicious websites on the Internet that start downloading software or code the moment you point your browser at them. In fact, a site may even ask for your permission to download software. You have to be careful with such websites. Avoid visiting such sites, as the software that gets auto-downloaded from here is sure to harm your system. Accidentally if you end up at such a website and auto-download happens, then you should refrain from activating the software and delete the cache in your browser. You should also run a virus check.
Check security credentials
Be wary of downloading stuff from any website about which you have little knowledge. You should try to confirm the security credentials of the website from a resource like http://www.siteadvisor.com/. The newer versions of browsers like Internet Explorer, Mozilla Firefox, and Google Chrome provide the service of automatically checking the credentials of a website. So you must also ensure that you are using the latest version of your browser. You must check and enable the relevant security options in your browser – such as Block reported attack sites and Block reported web forgeries, under the Security tab in Options under the Tools menu.
Install spyware, anti-virus software
You can have top quality spyware and anti-virus software like Microsoft Security Essentials for free these days. But you must have a genuine Windows OS in order to download Security Essentials. There are many other good genuine anti-virus systems that you can go in for. You must keep your anti-virus updated and after downloading any software or file, you should run your anti-virus to make sure that your system has not been infected.
Keep tab on file name and file size
After you have downloaded a file from the Internet, you should always check its size and its name by right clicking it and going on to Properties. Compare the details that you get with the information available on the website from where you have downloaded. If there is a difference in the size or file name, then it is possible that you might have inadvertently downloaded a file that is different from what you originally intended to download. The downloaded file might be infected with some malicious code. You must delete it and run your anti-virus software.
Verifying file integrity
Those who BitTorrent a lot, should start using checksum to verify file integrity. Most user groups add a checksum file to check the integrity of the file. Checksum is like a unique digital signature of a file generated using algorithms to indicate that the file is its intended form. In case the file is tempered with, the checksums will not match the ones that have been originally generated. Even if someone has made small changes in the file, it will result in checksum error. The integrity of checksum files can be verified by using tools like ExactFile, which can be downloaded for free from sites like http://www.exactfile.com/.