
Bing ads link to adware-infested Internet Explorer as sponsored links go under the microscope

Michael Passingham
21 Apr 2015

Third-party download sites are allowed to advertise their junk-filled installers on Bing, including for Microsoft's Internet Explorer

Expert Reviews has discovered that Microsoft’s Bing search engine is displaying prominent links to download sites, offering bloatware-stuffed versions of free software, including its own Internet Explorer.

These download sites are getting into search pages by buying advertising based on the relevant keyword. As Bing displays advertising at the top of the page, these download sites appear higher up than the product’s official page, which could fool users into going to the wrong site. Once on one of these sites, users are prompted to download a custom installer, which also attempts to install additional software, including adware, ad-injectors and other potentially unwanted software.

This kind of behaviour falls into a grey area. Technically, it’s not malware as the software asks permission to install and doesn’t directly affect your computer, which is why security software rarely picks it up. However, that doesn’t mean that it’s not a problem.

For starters, the opt-out options aren’t easy to spot and it’s easy for users to click Next in a wizard and ‘allow’ additional software onto their PC. Secondly, this kind of additional software is bloatware, sucking up resources and disk space. Thirdly, ad injectors are not only annoying, shovelling adverts into every website that you look at, but they can also break websites and stop them rendering. Finally, there’s the risk of a security flaw being discovered later, as with Lenovo and Superfish.

During our testing, we found that one bit of ‘harmless’ software we downloaded opened up a new website with a pop-up (above) warning us that our computer had a virus. When we called the number on the site, our test computer was soon being remotely controlled by scammers who demanded £89 to ‘clean’ our computer. It's exactly this sort of attack Microsoft has warned about in the past, including in a blog post in 2014.

^ Paint.NET, for example, gets its official download site at the top of Google (right), while Bing (left) displays two adverts to an unofficial website loaded with software you probably don't want

With this kind of dubious practice harming users, Google has taken a tough stance and is disabling sponsored links to websites that bundle unwanted software with free downloads. Sadly, Bing has yet to take this approach.

Bing's search results also have a sidebar on the right side of the screen that sometimes shows a link to software's official download sites, but these aren't always obvious or even present.

Dangerous links

We decided to find out just how bad the problem is on Bing. First, we went to Ninite.com to put together a list of our favourite bits of free software, including Chrome, Firefox, Spotify and Paint.NET. We picked this site, as its own custom installers are guaranteed not to install toolbars or other junk bits of software.

Next, we searched for each application in Bing and noted down if the top download site was official or unofficial. If it was official but was in the ad box, i.e. the manufacturer has had to pay to be top of search results, we’ve noted that down, too. Next, if there was an unofficial download site, we downloaded the installer and took note of the extra software that we were asked to install. Finally, we downloaded the official installer directly from the manufacturer and did the same thing. You can see all of the full results in the table on page two of this article.

Six out of ten pieces of software were affected by unofficial sites locking out the top of Bing's search results. All of the six unofficial download sites provided installers that promoted additional, potentially unwanted software including adware, PC cleaning programs, security software and toolbars. By comparison, using the same search terms on Google yielded 10 official download sites.

^ An ironic piece of potentially unwanted software we found during our testing

None of the installers alone were detected as potentially unwanted, although once we began clicking accept on each of the offers, Kaspersky anti-virus threw up warnings that we were installing potentially unwanted software.

We also checked the official websites of each piece of software to see how much - and what type - of additional software the official installers offered to the users. These mostly consisted of toolbars and search engine switches to one of the major providers including Google, Bing, Yahoo and Ask, although one official installer from Sourceforge contained Linkey, a piece of adware.

Reaction

Simon Edwards, technical director of Dennis Technology Labs, which conducts quarterly internet security stress tests and provides the data used in Expert Reviews's anti-virus reviews, explained that the business of pre-loaded software is extremely complex.

"There's so much money in this industry, it's going to take quite a lot to stop people pushing around the edges of legitimacy,” said Edwards. “Search engines and security software can crack down on the ‘potentially unwanted software’ that users neither want nor need. However, in response to this, the firms that rely on distributing that software to make an income are likely to become more aggressive.

"If and when Bing stops showing those links the distributors have a choice: go out of business or be more subtle. They could turn completely legitimate, of course, but time will tell."

David Emm, principal security researcher at Kaspersky Lab, told Expert Reviews that while such links may appear misleading, any given search engine provider will likely have carried out security checks before approving advertisements.

"Clearly it’s in their interest to do this thoroughly since if it turns out that their advertised links do harm, their reputation could be seriously damaged,” said Emm.

We contacted Microsoft to get its take on the situation. The company would not comment directly on our research and instead stated that it takes fraudulent advertising "very seriously".

"We have an extensive process for filtering and monitoring Bing traffic against known fraudulent patterns to help detect and prevent against fraud and phishing techniques,” the spokesperson said. “We are dedicated to providing a trusted and reliable search experience for consumers and effective search advertising platform for our brand partners."

The company said that users should report concerns and spam via the Bing reporting tool.

How can you avoid these problems?

First, it’s important to always go directly to the manufacturer’s website and follow its links for where to download its software. That way you’ll avoid a lot of the pitfalls. As we discovered, some manufacturers also try and make you install additional toolbars and other junk software, so it’s worth starting with Ninite. Our guide on how to install spyware-free software using Ninite will show you how to use the software and get clean software.

Finally, make sure that you’re running up-to-date security software to block anything really bad. Our guide to the best internet security software will help you find the best paid-for and free software to keep yourself protected.

Conclusion

While the additional software you can get from third-party installers and, in some cases, the original installer, may not count as malware, we still think that it's a big user experience problem. This kind of software only exists to make its developers money and they do so in some horrible ways, affecting the way that you use your computer. Just as bloatware on a PC is a bad thing, any additional software outside of the application that you wanted to download is also a bad thing. It's our belief that search engines should clamp down on this kind of behaviour, block all adverts for these kinds of sites and refuse to rank them in regular search results.
