6 comments

[ 3.5 ms ] story [ 31.2 ms ] thread
Except that helpsmith.com would surely be the landing page? It might be against most online protocols to instigate a download, but to be fair to them, that's the download page for helpsmith.

In any case, I don't appreciate it, if I was on my wireless dongle, that would have been expensive data loss for me, might be worth shooting them an email to let them know.

Given the headline and the warning, why in the world would you link to the offending site?
It seems to be the download of their product (same URL as referred to on the download button, but as a <meta> refresh, 5 seconds). Highly unusual to trigger the download immediately, but at first glance seems to be innocuous.

https://www.virustotal.com/en/url/62ffa4af2b77fb35edfcce944a...

(click on downloaded file analysis, two hits are refering to a generic executable compression “PAK_GENERIC.009”)

Update: A little clarification. I got to this page by clicking on a Google Adwords ad for Helpsmith. The crazy thing is--when using Chrome I was not even prompted about whether or not I wanted to download--it just started saving to disk. When using IE or Firefox I was prompted and was able to decline.

I'm sure this file is indeed innocuous. However, it seems like a pretty slimeball move on their part.

> The crazy thing is--when using Chrome I was not even prompted about whether or not I wanted to download--it just started saving to disk.

So change your security settings. With default settings, Chrome always prompts for authorization before downloading an executable.

But I agree this is incredibly sleazy behavior on their part.

Wow, that's crazy, I didn't even have to accept the download, it must think I instated it as if I pressed Save on it. Bad, bad, bad practise.