File downloads are always a risky business. If you are not careful, you might end up ruining your computer when downloading.
The internet has many websites that claim they have the correct file. Most of the time, you have to open the file to confirm the file is safe. And by that time, it may be too late to protect your PC from malware and virus programs.
Avoid Dowloading From Suspicious Websites
This is a no-brainer. Downloads from shady websites or third-party apps that appear suspicious should be avoided at all costs. These parties’ downloads may contain additional files that unknowingly install malware on your systems. Here are some sources you should avoid.:
Pop-ups and Redirects
Imagine clicking a download link and a pop-up appears. The pop-up has another download button it wants you to press. If you click on it, it will take you to a different website and make you download from there.
This type of scenario is common on many websites. The pop-up may take you to a shady website where downloading files puts your PC at risk. If a pop-up appears, it is best to close it right away and try again.
A good approach is to use a pop-up blocker. But some websites prefer opening pop-ups for downloads by design. In these cases, check the address of the pop-up bar to make sure it is the same as the download page domain.
Avoid Downloading Torrents
Torrents is a highly popular P2P file-sharing website. Typically files found in torrent sites are copyrighted or commercial material. Most of them are provided by anonymous sources and there is no telling if the file is tampered with.
Applications downloaded from torrents may or may not be the applications you want. There is no incentive to provide the right file for downloading as a torrent. You may be downloading a malware program or a virus on your PC.
Apart from the legal aspect, torrents are highly unsafe for downloading files. You should avoid downloading torrents from unknown users. To confirm a file is safe, you have to download it from a known, trusted source.
Use HTTPS Over HTTP
HyperText Transfer Protocol is the backbone of the internet. Internet browsing and downloading works in a stream of HTTP requests and responses. Simply put, HTTPS is encrypted HTTP. Secure encryption ensures that the website you are visiting is trusted.
- Go to the download page on the website.
- Click the lock button next to the website address.
- Make sure that the green lock is on and a secure connection message is displayed.
How to Check if a File Is Safe Before Downloading It
To protect yourself from download threats, always perform a safety check before downloading. Continue reading below to know some of the regular safety approaches to download a file.
Scan Using Antivirus
Depending on the type of Antivirus you have, you can do a file check before or after performing a download.
Antivirus programs designed for online protection integrate into your internet browser. Then, when you click on a file link and it starts downloading, they instantly check it for any security risks. If found, they will prevent it from downloading and prompt for action.
Some Antivirus programs also have an option to check out a link before clicking it. Normally, you should find this option when you right-click on the link itself. If the file is unsafe, the Antivirus will alert you right away.
Check the Format
Know your file formats. Whether a new or old Windows user, always make sure to enable file extensions in Explorer by default. It’s a security hazard that they turn it off by default. Turn it on from the explorer File options .
Many websites such as Fileinfo lets you search from their large database of file extensions. File extensions are three or four characters long. They are the last characters after the period (.) shown in the file name.
- Make a note of the file extension displayed on the page before downloading it.
- If it’s not displayed, click on the download button but don’t confirm downloading yet.
- When the browser gives you the confirmation box, note the file extension.
- Or, if you have already downloaded the file, go to the download location and make a note of file extension.
- Make sure that the format is safe and matches the extension of the file you’re going to download.
Check the Dates and Number of Downloads
Most websites display the uploaded date on the downloads page. This date tells you when the file was uploaded to the site. If it’s a fairly recent date, it is likely the site moderators haven’t vetted the file yet.
Another key information is the number of downloads. Newer files may not have been downloaded by other users yet. Thus the file hasn’t yet built up a rapport with the users. Give the page some time, and once you see the numbers increase, you can deem it is safe to download the file yourself.
Note that these two factors are not complete indications of the validity of a file. They only tell you whether a file is trusted and downloaded by other users.
Check Md5 File Hash
Md5 sum file hash is a popular means of verifying any file. Md5 algorithm takes a file and generates a 128 character unique hash. This way, if the download file is tampered with, the resulting hash would be different.
Many download websites offer md5 hash along with the download link. With it, you can verify if the file you get is the same as the one they provide. This is a good approach if you trust the file provider to let you download your file safely.
Note that you would still have to download the file first before you can start checking it. You should open the file only after you’re sure it’s safe to do so.
- Note down the file hash next to the download link.
- Go to any online md5 hash checker tool.
- Upload the file and let the tool generate hash for you.
- Compare the file hashes together to make sure they are the same.
Use Windows Sandbox(Windows Pro or Enterprise Versions Only)
Windows Sandbox is a special feature provided by Microsoft as a testing ground. Even if you manage to break your sandboxed Windows, it won’t have any impact on your base Windows at all. So, it is a good idea to test all your suspicious download links in a sandbox environment.
Note that the feature is available in Pro and Enterprise versions only. Other Windows users can use a virtual box or VMware image instead.
- Go to the Start Menu and type ‘windows feature’.
- Select Turn Windows feature on or off.
- On the provided list, select Windows Sandbox to toggle it on.
- Press OK.
- Go to the Start Menu again. Type Windows Sandbox and press Enter.
- Open the browser inside the sandboxed environment.
- Go to the downloads page.
- Download your file inside the sandboxed Windows.
- After downloading completely, you can open the file and do all your checks to verify it.
- Once verified, you can close the sandbox.
- Select OK to delete all contents of the sandbox permanently .
- Repeat the download on your base Windows system.
Check the Forums
Forums are the place to confirm the validity of any file. Most of the download websites provide a discussion forum for site visitors. Anyone can register for an account in the discussion forum and post their questions. Other experienced users can write answers and even upvote questions and answers.
The content on forums is mostly posted by visitors like you. If you do a quick search for the file topic you can find what other people are talking about it. They can confirm for you if the file is safe to use. Or they can warn visitors to not download the file.
Some users even make time to point you to the correct file that you’d need to download. Since anyone can post on the forums, you still need to be careful in believing what you read. I always recommend taking the file forums with a large pinch of salt.
Check File Reviews
If the site does not provide a forum, they may yet provide file reviews. A file review summarizes the safety and verification of the file you are going to download. File review can be expressed in terms of rating or a short comment. They both describe the experience of other downloaders.
Before clicking the download button, always make sure to check the file reviews first. You can also find relevant reviews on other websites such as getapp.com or file stage.
Use Virustotal.com
Virustotal is a reliable site to perform safety checks. It has two modes, the first file mode and the second is link mode. File mode allows you to upload a file and verify if it’s safe. Link mode allows you to run a safety check even before downloading the file.
Virustotal runs virus scans against a database of multiple vendors. It then reports if the file passed all safety checks. For now, we will stick to using link mode.
- Do a right-click on the download button/link on any page.
- Select Copy link address.
- Open a new tab and go to https://virustotal.com.
- Click on the URL tab.
- Paste the URL on the URL box.
- Press Enter to start scanning.
- Wait until Virustotal runs complete security checks on this link/file.
Frequently Asked Questions
How to Disable Automatic Downloads in my Browser?
To disable the automatic downloading of files, follow these steps.
Chrome
- Go to the address bar and type
chrome://settings/content/automaticDownloads
- Change the setting to Don’t allow sites to automatically download multiple files.
- Remove any site that is allowed to download files automatically.
Firefox
- Click on the hamburger icon and select Settings.
- Go to Applications under General.
- For each content type, click on dropdown action to change to Always ask.
Safari
- Go to the Safari menu and select Preferences.
- Under the General tab, select a File download location.
- Select Ask for each download.
- Under the General tab, select a File download location.
- Select Ask for each download.