Beware of browser add-ons that offer all sorts of incentives including Mindspark

Beware of Mindspark; just do not click on the product. Ever. 

We are receiving many inquiries about infections from Mindspark/MyWebSearch/Ask toolbars.

It shouldn’t be an issue, however, the ad-injecting, or ad-redirecting toolbar continues to exist and is still not a good thing. Do not engage with this toolbar add-on or browser hijacker, as it is also known. 

The hijacker does not differentiate which browser you use, certainly the most commonly used ones:  Internet Explorer, Google Chrome, and Mozilla Firefox. It will attempt to have you download the extension regardless. 

Additionally, Mindspark toolbars are promoted on various download websites via banner ads. These promote the browser extensions and display the download buttons. In these cases, not only are they gaining information about you. The website is earning ppm revenue from ad impressions and click throughs. When users click on one of these banner ads, they leave behind cookies, which follow users all over the internet. 

The result is, behavior is tracked, profiles are created and sold to advertisers.   

Who is Mindspark? 

A marketing firm and data reseller. 

What is it? 

Mindspark offers hundreds of different toolbars with different names, the most common being the ‘Ask’ toolbar, as well as mywebsearch, mindspark, safepcrepair among others. Almost all of them have a common style of a search box, button, and a series of links to low quality websites that may contain the Ask logo on the right-hand side.

Mindspark is part of IAC or InterActiveCorp, a media and internet company that creates revenue with invasive advertising. Its EULA and Privacy Policy always clearly displays their intentions; however, their promises are overstated. 

Adware.Mindspark is typically installed by the users themselves, who may be prompted to do so by exaggerated promises. The adware provides toolbars and new-tab pages claiming to offer prizes, emoticons, and helpful tools for hobbyists, catering to user’s apparent interests.

To remove this product, several steps must be undertaken — reach out to someone technical if you must.  

Why is it so bad? 

These toolbars log absolutely everything that you are doing on your browser (over the internet) which potentially includes logins to secure sites. Consider multi-factor authentication for added protection.

These add-ons can inject and replace advertisements and content and potentially share everything logged with unknown third parties. 

What can you do? 

Never, in any situation, install add-ons on Remote Desktop servers. Generally, you should avoid installing anything on shared workspaces, especially any toolbars. Be very careful when installing free software on workstations, reject options to install toolbars, cleaners, and browser add-ons. that are commonly bundled with the program. If you see these toolbars on your workstations, let your IT support provider know about this immediately.  

ESET antivirus blocks most of the activity from Mindspark, however, users should be vigilant. Up-to-date software and good hardware, sure, is important, however, the biggest risk factor is the user. Do not fall victim to cybercrime. Keep yourself, and your staff well-educated and up to date on the latest news and best practices. 

About Smart Dolphins 

During the past 20 years, we have been helping small and medium-sized organizations drive efficiency and productivity by ensuring that their systems are fast, secure, and reliable. During this time, we have fine-tuned a very special process of auditing and aligning our clients with world-class standards and best practices. Learn more about our managed IT services. 

Additional Information can be found at:
https://blog.malwarebytes.com/cybercrime/2014/11/mindspark-toolbars/

To join us at an upcoming cybersecurity awareness session, visit: https://www.smartdolphins.com/training/