Browser toolbars – once a blessing, now a curse

You will no doubt have seen prompts that ask you to install a toolbar during the installation of another program. While the first examples of toolbars were useful and popular, today there is a barrage of senseless and annoying toolbars plaguing Internet users. As is so often the case, the motive behind this trend is economic. In this article we will explain what toolbars are and why there are so many of them these days.

The term toolbar is derived from the word “tool” implying that it’s something that is designed to help you. A toolbar is akin to a tool kit for your browser that is always at hand to provide easy access to common functions. The basic idea behind them is good, and accordingly there are a number of very useful toolbars. For instance, there are millions of people who use Google’s Toolbar, enabling them to use the search engine from within their browser, without having to open Google’s website.

In recent years though, there have been toolbars popping up all over the place. Whether it be while setting up a new program, with a download or even while installing a driver – you are regularly prompted to install one of these little toolbars. One of the most common is the Ask Toolbar which is associated with the search engine Ask.com. Numerous software vendors offer it bundled with their own products, including many well known names such as burning software giant, Nero.


Prompt to install the Ask Toolbar with Nero

Why do they do this? – Quite simply, because Ask.com pays one or two dollars to the vendors per toolbar installation. Given the enormous number of downloads, this adds up to a lot of money; a nice side income that few companies can resist. This also quickly pays off for Ask.com, because as soon as you use their search engine, the display of ads makes their cash registers ring.

You may question whether there is anything illegal or immoral about this practice. Ultimately, Ask.com manages to operate within legal boundaries, as the user isn’t forced to install their toolbar. However, as you can see from the picture, you have to deactivate three check boxes in order to avoid installing the Ask Toolbar and having your browser’s homepage and default search engine changed. Not exactly what one would call unobtrusive behavior. Moreover, few people will take the time to read the License Agreement and Privacy Policy. It’s important not to overlook the fact that by installing the toolbar, i.e. regular software, you enable Ask to access your PC and thus to collect statistical data and create user profiles.

Even large software companies collect user data

Ask.com is a widespread example, but by no means a rare case. Even software giant Microsoft’s search engine attracted considerable attention last year as the associated Bing Toolbar was suspected of stealing Google search results. From Internet Explorer 8 onwards, Bing toolbar has been recommended during installation and therefore if installed, has access to all browser activity. Theoretically, this enables Microsoft to record search terms entered into Google for example, and which links are then clicked. Microsoft denies that this occurs, of course.

If you have Internet Explorer installed, you have likely also agreed to the collection of data simply by participating in the “Consumer Experience
Program”, i.e. Microsoft’s program aimed at improving their usability. This check box is activated by default and sounds quite helpful at first. Ultimately though, it allows Microsoft to monitor your browser input and settings and save this data for their own purposes.

If even large software providers engage in this kind of behavior, you may rightly wonder what tactics smaller toolbar vendors may be resorting to. The number of websites that offer their own toolbar has been increasing rapidly: whether it be online shops that promise a simple way of making purchases, different forums or supposedly useful applications like weather gadgets or phone books. The good news is that pure malware or adware toolbars are becoming less common. On the one hand, this may be due to the fact that there is no longer as much money in advertising as there was a few years ago, and on the other hand, due to the fact that pop-up ads are hardly discreet. If PC users start to see a constant deluge of pop-up windows opening, they are highly likely to become suspicious and turn to a virus scanner.

Though obviously unethical, these practices generally fly under the legal radar and are therefore an inconspicuous way of making a lot of money. We have already mentioned the ability to log user data; this could be to assist with technological development, for selling statistical data or in order to offer you specific products. There is a wide range of possibilities which promise sizeable returns. Some toolbar manufacturers even take it a step further by recording not only browser data, but also your activities in various social networks including your login details.


MyWay Toolbar asking for access to your personal information

MyWay Toolbar, generally classified as adware, even asks you to enter your Facebook and e-mail password – under the impression it’s for your ease of use and convenience as a user. MyWay claims that in the latest version data is no longer recorded, but either way, we advise against the use of such toolbars especially those with integrated Facebook and e-mail features. Even if there is no outright abuse intended there may still be a security risk, as improperly written code can be enough to leave your PC open to hackers.

Money is an incentive for many companies

As described above, bundling toolbars with other software as well as distributing your own toolbar is extremely lucrative. However, having already noted the serious repercussions to a user’s privacy and the close relationship of such toolbars to adware and trojans, you may be surprised to hear that even many well known security software vendors offer to install various toolbars along with their own products. The renowned antivirus expert “Donna”, operator of the security forum “calendarofupdates.com” maintains a very interesting and current list of these companies as well as a “Hall of Shame” of programs known to include these undesirable extras.

At this point, it should also be mentioned that at Emsisoft we clearly distance ourselves from this type of business practice, as our integrity and the security of our customers is far more important to us than raking in fast cash. We also carefully examine products that we recommended or provide tips on through our newsletter.

A number of toolbar providers contact us regularly because our malware scanners “Emsisoft Emergency Kit” and “Emsisoft Anti-Malware” detect many of these “unwanted” toolbars as Riskware. Of course, the authors of these toolbars don’t want to have them removed from circulation and therefore report them regularly as false positives. Some examples from recent weeks include: Dealio, SearchSuite, Rubar, Asksbar, Zugo and the Multibar – all well known toolbars that have gained notoriety for distributing Adware or even Trojans.

Conclusion

Only install a toolbar if you truly want or need it. In principle, any software installed on your PC, or in this case, launched every time you open your browser – represents a potential security risk. Furthermore, the majority of toolbars are known for collecting user data, something that’s critical to be aware of at least, if not to avoid altogether. When installing new software, always pay close attention to whether any other products are bundled with it and selected for installation by default. This may be more tedious than simply clicking “Next”, but it will save you a lot of trouble later.

In addition, you should install good security software with real-time protection. Emsisoft Anti-Malware protects your PC in three ways. Surf protection prevents you from visiting dangerous websites, some of which as known for distributing unwanted toolbars. The powerful dual-engine scanner detects malware if it manages to enter your PC, and even unknown threats are reliably blocked thanks to the advanced behavioral analysis.

 

Have a nice (malware-free) day!

Your Emsisoft Team

www.emsisoft.com