How To Tell If A Download Is Safe? - 8 Ways To Tell if A Download Is Safe

How To Tell If A Download Is Safe

Date First Published: 6th May 2023

Topic: Cybersecurity

Subtopic: Threats To Systems, Data & Information

Article Type: Computer Questions & Answers

Difficulty: Easy

Difficulty Level: 3/10

Learn about how to tell if a download is safe in this article.

Wondering whether the file you have downloaded is safe before you open it? You may have had a time when you have received a file, but are just not sure of whether you can trust it. There are some ways to determine whether a file is safe or not before opening it, particularly an executable file. Even after downloading a file, it can do nothing unless you open and run it. However, once you open and run it, you are opening your computer up to anything on the file, including viruses and malware, which could harm your computer. Opening a suspicious file is very risky, and can result in your computer failing to work, theft of sensitive information, and loss of important data. This is why it is important to confirm that the downloaded file is safe before running it. Below are 8 ways to tell if a download is safe.

1. Assess Where You Are Downloading From

The first way to tell whether a download is likely to be safe or not is to assess where you are downloading from. If you are downloading from a legitimate and well-established website that has been up and running for years, then there is a much lower chance that you are downloading something malicious. For example, if you are downloading from the official Microsoft site, it is extremely unlikely that you would be downloading something malicious.

On the other hand, if you are downloading from a very new website that has only been up and running for a few weeks, it is much more likely that the file will contain hidden malware, like Trojan horses, spyware, ransomware, or keyloggers which will sneakily install on your computer if you open and run the file. If you have unexpectedly received the file as an email attachment from someone you don't know, then you should immediately delete the email. That is an immediate sign that the file is very likely to contain malware.

You should only ever download and run files from websites you absolutely trust. Never download things from random websites that you don't know. It is not uncommon for malicious websites that distribute malware and other unwanted software to come up in search engines, like Google, so be very careful when searching for downloads for a software program or applications. For more information about how to tell whether a website is legitimate, see this article.

2. Scan The File With Your Antivirus

The second thing that you should do to determine whether a downloaded file is safe is to scan it with your antivirus. You will need to manually scan that single file. Once the scan is finished, you will find out whether the file is considered safe or malicious by your antivirus. Make sure to scan the downloaded file with a reputable antivirus, like Windows Defender. If it is a virus, you can delete it. Most antiviruses include real-time protection, which will block any viruses from running and quarantine them. Some may automatically scan downloaded files for you.

Whilst antiviruses are very useful for detecting and removing malware, don't entirely rely on antiviruses to determine whether a file is safe to open or not. No antivirus is 100% perfect and antiviruses do not provide total protection. This is because there are always new malware programs being written and it takes time to spot and create the virus signatures for the malware. In addition, cybercriminals try to find ways to bypass detection mechanisms.

3. Upload The File To VirusTotal

A good way of scanning a downloaded file for viruses is to upload it to VirusTotal. VirusTotal makes it easy to detect suspicious files by showing you the results from over 70 major antivirus scanners. It also displays each engine's detection label. If most antivirus scanners detect it as malicious, then you know that the file is very likely to harm your computer and it is best to avoid it. This method is more reliable than only using your antivirus to scan the downloaded file since it shows you the results from lots of different antiviruses instead of a single one.

4. Look At The Comments Section Or Forum On The Download Page

If there is a comments section on the page or a forum, see what other people say about the file. If lots of people say that they have experienced problems with the file, then it is best to avoid it. If lots of people have said that it works or that it is safe, then the download is more likely to be safe.

Be careful when relying on the reviews on the website itself to determine whether a download is safe. Scam sites often fill their reviews section with fake positive reviews or comments, made-up names of people, photos from random sources, and text that is copied word-for-word from other websites to trick other people into downloading malware. This is becoming quite common for sites that use WordPress comments or their own comment system. Comments or forums powered by third parties, like YouTube or Disqus, are a better way of getting a clearer idea of what other people think as it is harder to post fake reviews or comments.

Also, be careful when looking at the reviews or comments on the download page. If they all look the same, are all posted within a very short time span, are vague and do not go into much detail, or contain lots of spelling and grammatical errors, then they might be fake.

5. Assess What You Are Downloading

You should also carefully assess what you are downloading. If you are trying to download something like pornography or 'mods' for specific games or software, then it is much more likely that the download will contain a hidden virus. These are the two most common places where you get all the viruses.

Also, is what you are trying to download something that is commonly downloaded? If not, there is a higher likelihood that there is going to be hidden malware in the download. If a specific program has been downloaded millions of times, then it is more likely to be safe and trustworthy. This doesn't mean that you should never open files that would not be commonly downloaded. But, you should always verify that a program is legitimate before installing it. If it looks suspicious, then it probably is.

6. Check Whether The File Is Signed

Before running an executable file, you should check whether it is signed. In Windows, you can find out details of the publisher by right-clicking, selecting 'properties', and selecting 'details'. If you double-click on the file, you will be warned if the file is not signed or the publisher is unknown. If it is not signed, it is more likely to be something malicious. Although there is no guarantee that if the file is signed, the file is safe to open, it is more likely that an unsigned file will harm your computer. This is because malicious executable files are often not signed.

7. Assess The File Size

It is also important to carefully assess the file size. If it is very large or small for what it is, the likelihood of it having hidden malware or being a fake file that mimics a legitimate program and installs malware is much higher. For example, if you are trying to install a software program that normally has a setup file size of 10 MB and you have received a setup file that is 50 MB in size, it could be bundled with malware or other unwanted programs. If the file size is very small for what it is, then it may be junk and not do what you were expecting.

8. Assess The Filename and File Extension

The final thing that you should assess when determining whether a download is safe is the filename and file extension. Is the filename vague or spammy? (e.g. 'file.exe', 'download.exe', 'rj4r8jf0weuje3euj.exe'). If so, then it is less likely to be legitimate. This is because virus creators often don't bother naming their file to something memorable or something that describes the file.

Also, carefully take a look at the file extension. A common method used by cybercriminals is to have a double file extension, like 'file.jpg.exe'. The file looks like it is a JPG image file, but it is actually an executable file. To make browsing files more visually appealing, Windows hides file extensions by default, but you can choose to show file extensions. If the file has a double extension, this is an immediate sign that there is something to hide and you should avoid the file.

What To Do If I Have Downloaded Something Suspicious and Ran It?

If it is too late and you have already run the suspicious file, then you will need to use a reputable antivirus to scan your computer for viruses and malware and remove any it finds as soon as possible. It is recommended to run a full scan, not a quick scan, as this may find hidden malware. This is the simplest way to remove most types of malware. If the malicious program has deleted, corrupted, or encrypted your files, you will need to use a backup to recover them. If you don't have a backup, you probably won't be able to recover your files. Antiviruses cannot remove all viruses and in extreme cases, you may have to reinstall the operating system to remove all traces of the virus.


Feedback

  • Is there anything that you disagree with on this page?
  • Are there any spelling, grammatical, or punctuation errors on this page?
  • Are there any broken links or design errors on this page?

If so, it is important that you tell me as soon as possible on this page.


Comments