Malware Risk from Clicking Yelp, Google Reviews, etc. Photos?

In summary: That's a great question! I think a lot of it comes down to motivation. For example, a computer programmer might make more money, but they might not feel as accomplished as someone who commits crimes and gets their hands on malicious software.
  • #1
kyphysics
676
436
Often when there is a business that I want to get consumer reviews on, there will be a poster/reviewer who adds a photo to their comments.

For example, a person might show how an Amazon order came damaged. Or, a person on Yelp! or Google Reviews may post a photo of food they ate, etc.

The pics are thumbnail-sized and can be enlarged by clicking on them. Would this risk malware if they uploaded a pic file that was infected on their end? Or, do Google, Amazon, Yelp!, etc. scan and prevent such infected files from getting attached to comments? Thanks!
 
  • Like
Likes symbolipoint
Computer science news on Phys.org
  • #2
Clicking on anything in a web page has that potential. I wouldn't trust that any web provider would scan and protect against it as hackers are quite devious.

As an example, popups are added to a webpage. The providers disable popups and so the hackers switch to pop behinds. That gets disabled via a timeout scheme and so the hackers wait x seconds before executing a popup command. The evolution continues.

Another was web users, could hover on a link a link to see where it went so clever web page developers masked the display so you'd see something else. The original link might flash for a moment and then get replaced with what the hacker wanted you to see.

As long as javascript is the language then you will have these issues. It's often why security folks suggest disabling javascript entirely in your browser.

There are plugins like Web-of-Trust that will warn you based on site history whether a given link is okay to jump to. If you go then its on you as to what may happen. But again its not fool proof, one needs a fool to prove it too.
 
  • Like
Likes kyphysics
  • #3
Decent security software should protect you from any risks on the inter-webs.
 
  • #4
StevieTNZ said:
Decent security software should protect you from any risks on the inter-webs.
?I am interested to know other members' comments on that.
 
  • #5
symbolipoint said:
I am interested to know other members' comments on that.
You can count on hackers to be one step ahead of the defender software, at least for brief spells. That's why anti-virus software issues updates to their databases so frequently.

SO ... if you want to be safe, never open a file (jpg or otherwise) on anything but a trusted site, and be SURE you really ARE on a trusted site.

Just as an example, you could be re-directed to a site that has " ... amazone.com ... " in the URL and is a spoof of Amazon.com. If you're careless and are fooled into thinking you ARE on Amazon.com, all bets are off.
 
  • Like
Likes jedishrfu
  • #6
jedishrfu said:
Clicking on anything in a web page has that potential. I wouldn't trust that any web provider would scan and protect against it as hackers are quite devious.

As an example, popups are added to a webpage. The providers disable popups and so the hackers switch to pop behinds. That gets disabled via a timeout scheme and so the hackers wait x seconds before executing a popup command. The evolution continues.

Another was web users, could hover on a link a link to see where it went so clever web page developers masked the display so you'd see something else. The original link might flash for a moment and then get replaced with what the hacker wanted you to see.

As long as javascript is the language then you will have these issues. It's often why security folks suggest disabling javascript entirely in your browser.

There are plugins like Web-of-Trust that will warn you based on site history whether a given link is okay to jump to. If you go then its on you as to what may happen. But again its not fool proof, one needs a fool to prove it too.
I confess I have no idea what some of those are, but take it that you think even clicking on an Amazon.com photo (uploaded by a customer) or Google/Yelp! reviews photo (uploaded by reviewer/poster) could introduce malware?

Just to be clear, these are photos that are not linked to something external. Rather, they are just attached to the big name site's reviews. HYPOTHETICAL EX:

Google Review:
"Dr. x/y/z was fantastic. She was attentive to my needs, prescribed a/b/c to treat my concern, and 14 days later I'm all healed. See my before and after pics below."
[poster/reviewer posts pics on Google in her review]

The thing is, sometimes you have to click the photo to enlarge it. But, it'd still be viewed on Google...or Amazon...etc. and not linked to something external.
 
  • #7
phinds said:
You can count on hackers to be one step ahead of the defender software
I think I may have asked this off-handedly once, but why would such skilled individuals not just get a job in computer programming (vs. committing crime and risking jail)?!
 
  • #8
kyphysics said:
I think I may have asked this off-handedly once, but why would such skilled individuals not just get a job in computer programming (vs. committing crime and risking jail)?!
Who says they DON'T have such a job? Except for state actors, hacking is not necessarily a full time job.
 
  • #9
symbolipoint said:
?
What is your question?
 
  • #10
I think the question is:

Is it really true that decent security will protect you on the internet?

And the answer is: enjoy the surfing but "trust no one".

Bad actors are always looking for that zero-day and trying new things in their attempt to evade and overcome the latest security schemes and there is no immediate protection.

One can only be vaccinated against known threats but not against new threats.
 
  • #11
To do a "Mrs Gray", I'd say if you're so overly concerned of malware/virus risks, don't use the Internet at all. plane @ simple
 
  • #12
StevieTNZ said:
Decent security software should protect you from any risks on the inter-webs.
I admire your optimism, but not your grasp of the situation. How do you think Norton and other FIND OUT about new viruses?
 
  • #13
phinds said:
How do you think Norton and others FIND OUT about new viruses?
They ask the BEST, of course. . . . 🎯 . 🥇

1604011371469.png


They found your lost s too. . . . :cool:

.
 
  • #14
StevieTNZ said:
What is your question?
IN the post. I wrote the question below the initial question mark. Quoted again here,
I am interested to know other members' comments on that.
 
  • #15
.
I am interested to know other members' comments on that.
Please reference post #13 . . . . :wink:

.
 
  • #16
symbolipoint said:
IN the post. I wrote the question below the initial question mark. Quoted again here,
I wouldn't conclude what you wrote as a question; simply merely asking for opinions.

But besides that, I repeat: "To do a "Mrs Gray", I'd say if you're so overly concerned of malware/virus risks, don't use the Internet at all. plane @ simple"
 

1. What is malware and how does it affect my computer?

Malware is a type of malicious software that is designed to harm or exploit a computer system. It can come in the form of viruses, worms, Trojan horses, spyware, or adware. Malware can cause a range of issues, from slowing down your computer to stealing personal information.

2. How can clicking on photos from review sites like Yelp and Google put me at risk for malware?

Clicking on photos from review sites can put you at risk for malware if the photo contains a malicious link or is a disguised executable file. These links or files may download malware onto your computer without your knowledge or consent.

3. What are some common signs that my computer has been infected with malware?

Some common signs that your computer has been infected with malware include slow performance, pop-up ads, unfamiliar programs or files, changes to your browser settings, and frequent crashes or freezes. It is important to regularly scan your computer for malware and take preventative measures to avoid infection.

4. How can I protect myself from malware when browsing review sites?

To protect yourself from malware when browsing review sites, it is important to be cautious when clicking on links or downloading files from unknown sources. You can also install reputable anti-malware software and keep it updated, use a firewall, and regularly back up your important files.

5. What should I do if I suspect that I have downloaded malware from a photo on a review site?

If you suspect that you have downloaded malware from a photo on a review site, immediately disconnect from the internet and run a scan with your anti-malware software. If the scan detects malware, follow the recommended steps to remove it. You may also want to change your passwords and monitor your accounts for any suspicious activity.

Similar threads

  • Sticky
  • Feedback and Announcements
Replies
2
Views
494K
Back
Top