The Latest in IT Security

Charitable Results


One of our researchers noticed that searches in Yahoo! for popular programs will result in Yahoo! placing their own link as the first result, effectively bumping the official program links down into second place.

Clicking the first link takes you to the Yahoo! Downloads portal instead of the official Teamviewer site which is sitting down in the number two spot.

It’s the same deal for various other downloads such as Skype:

The downloads come with additional extras that you wouldn’t see if you’d grabbed them from the official developer site. Cue GFI Researcher Matthew, who first noticed this:

“If the user runs the download from this page, they will be presented with an offer for the Yahoo toolbar and then either Shop to Win or Social Ribbons add-on. After the user accepts or declines these offers, the installer then downloads the actual Teamviewer installer from Tucows to the user’s desktop and prompts the user to run it.”

The SocialRibbons install is interesting – if you’re not familiar with it, it’s a browser plugin that inserts their affiliate code into the URLs of merchants’ sites you happen to shop at, then picks up the affiliate commission when you make purchases at those sites. The idea is that an end-user would install it because Social Ribbons pledges to donate a percentage of that affiliate commission to charities.

However, the exact percentage of the affiliate commission that is donated to charity is not specified. Just one month ago they claimed that $18,000 had been donated based on 250,000 users – which works out to 8 cents per user. The whole point of this type of program is to drive shoppers to participating merchants’ sites, yet no list of participating merchants is available on the Social Ribbons site. In other words, users don’t even know where to go to make their shopping dollars count for charities.

Furthermore, the charities themselves are not specified – one example of the installer mentions the “Susan G. Kohen Foundation” – did they mean the Susan G. Komen Foundation?

They collect basic demographic information and claim to monitor web surfing behavior for the purposes of targeted advertising, though this is never mentioned in a clear and conspicuous fashion outside of the EULA/Privacy Policy (Section 2, “Use of individual information”).

All in all, there’s a fair amount of additional content you’re installing via these promoted search links that you wouldn’t receive if installing from the sites of the program creators. It would perhaps be worth pointing out to relatives unfamiliar with promoted search engine results that you don’t always get the “official” site as the first clickable link at the top of the pile – especially when the search engine you’re using is placing links it has a connection with above the rest.

Christopher Boyd (Thanks to Matthew and Eric for additional information)
