Recognize deception

Communications / Clouds / File sharing

Recognize deception

Attention Viruses!

Often, under the guise of the file you need, you will be offered to download the virus.
How to distinguish a virus from a real file?

Where to download

First of all, we try to download the file to the site of the author, whenever possible.
On a site you can trust.

Site Address

There are sites where you can download a lot (fayloobmenniki), ex. Letitbit, vip-file.com, Rapidshare, Depositfiles, Narod.ru, iFolder.ru, Turbobit.net.

It is important that you click on the link to get to these familiar sites.
If the design is not quite the same - go.
If the address (url) is not exactly the same - we leave. (Eg Rapidsare instead of Rapidshare - obviously, someone pretends to be a famous site).

If the site is on a domain with a generally short address of meaningless text, usually letters and digits, such as s8nd.com.
People buy domains do not care about the meaning of a name, and when they are recognized as virus distributors they throw out these domains and again take whatever they are.
Normal people do not care how their site is called, and therefore they resell domain names expensive.

Many subdomains

If the address of the site is of the type vasya. iFolder.ru/And_TAK_TOTE__and_TAK_DAY___ ....
  1. In this address, the first-level domain is iFolder.ru
  2. The second-level domain is vasya.
After the domain there is a long line, it does not interest us. It is often very long and incomprehensible.
We are interested in what is before the domain of the 1st level.

If the domain has many levels, ex. fail.more.vasya. DOMAIN.ru is practically a guarantee that this is a kickalo.
I have not seen such addresses on normal sites. Normally, 1 or 2 levels of a domain name are used.
Usually a domain name like s8nd.com, as described above.

Similarity

If the site is similar to some famous, for example on NAROD.RU. Why should he give himself away for others? - Immediately go.

Oddities and incomprehensibility after Free, Direct link

As a rule, the words "FREE, FREE ..." should be alarming. If after that go strange - we leave.

SMS

Everything is clear. SMS=virus.

The site has almost everything

We go to the site, and it has and the program you need, and any version. Any file that is not found anywhere else on the Internet, etc. Well, in general everything. There are no such sites.
There's just one virus that gives the name of your request.

Name of the downloaded file

If the name is ex. FILE_NAME.zip.exe The extension .exe belongs to programs that are executable. By default, the system hides the extension, that is, if the file is named FILE_NAME.zip.exe, the user will see FILE_NAME.zip and like everything is harmless. But in fact, if the file and truth were named FILE_NAME.zip, you would see FILE_NAME.
Often the browser warns about this danger, you need to stop downloading such a file.

Size of the downloaded file

If the size is very different from what it can be. Especially if it is too small.
I would download this file somewhere else.

Double Archive

For example, you downloaded the harmless archive. ZIP, unpack, and in it another archive .RAR.
Or vice versa, but the principle is clear - archive in the archive.
Why compress a compressed file? He will not be less of the same size. Strange, is not it?
The reason is simple, the antivirus is able to recognize the virus in the archive, and the archive in the archive confuses it.

Crackers, Keygen ...

They are defined by antivirus as viruses. Therefore, under the guise of them are often viruses.
So use them at your own risk and risk.