PDFCreator is a free tool to create PDF files from nearly any Windows application. Real PDFCreator Web site is: http://www.pdfforge.org/products/pdfcreator. I have been using it for quite some time (as per trusted friend recomendation) and it is really good tool. Easy to use and pretty fast, it satisfies most of my needs regarding creating PDF files i.e. printing to PDF from various programs which I use.
But there are some impostors on the Internet. Wikipedia article about PDFCreator says:
PDFCreator’s popularity, achieved through word of mouth advertising, has motivated other commercial software vendors to try to fool people who are looking for the free software PDFCreator to purchase their own commercial software version instead, by using a similarly spelled name to “PDFCreator”.
Such attempts include Capsoft’s USD$57.95 PDF Creator and WCCL’s USD$24.95 PDF-Creator.
I will not put that links here as I don’t want to give them any additional PR, but names of domains are carefully chosen so you can easily be mistaken. Actually, this may be considered as kind of scam and phishing. Not exactly according to classic definition of phishing scam but using some of its principles.
I was tricked by CapSoft recently. It’s funny how it happened. New computer required many things to be installed and set up. As I didn’t have the appropriate PDFCreator version saved on my disc, I did brief research on the Internet, I found it (I thought it was appropriate one), and downloaded it, and… Previously, I spent a lot of time installing, transferring data from old machine, setting up, and I was pretty tired. In those circumstances, I missed to check if that version and the PDF website, which I easily googled, was the appropriate one. I spotted that Web site looks a strange, but I thought they changed it since previous time I downloaded PDFCreator. They required e-mail address to send link for download, what was first bad sign. Link, which I received on e-mail, lead to download.com Web site, using redirection over some aweber.com domain. Unfortunately, I wasn’t to carefull, downloaded, installed that PDF Creator and started to use it. Soon, I got e-mail from them. Erhm… I can’t remember that for “old version” (actually right one), I was ever asked for my e-mail address neither I received any mails from them. And I received more mails, almost every 2-3 days one new mail. Needless to say that user interface is different, behavior is slightly different but I persuaded myself that it is because of newer version.
Suddenly, 14 days after installation it stopped to work as trial period passed and tool offered “Buy now” in message. I hit it and fortunately that button didn’t work somehow. Then, I inspected carefully information on CapsSoft and their version of PDF Creator and found out many complaints on net and also Wikipedia article which I cited above. McAfee Site Advisor also has got discussion about this. After this I inspected my machine for viruses, spyware, rootkits. I still have to check more thoroughly is there any malicious code that I might have got by installing wrong PDF Creator (with space between PDF and Creator in difference to PDFCreator without that space). Just to note that also, their wrong web site has www-pdfcreator in its domain name what is intentionally chosen to trick people. There is no “About us” section on their Web site, neither any phone that you can call nor physical address, apart from PO Box. Etc… etc… It looks like very suspicious company.
My advice is to be careful, very careful when downloading open source software, as many impostors use well known names and its variations to trick people and then to take money.
More details
Here are some details and screenshots that you may find interesting.
Somebody (pdf-creator@aweber.com; on behalf of; PDFCreator.com [customercare@www-pdfcreator.com]) continued to bother me every day with spam which offers this fake thing.
Message From PDF Creator: You have been randomly selected
See how that link looks like:
Message From PDF Creator: How link looks like
And who is sending message:
Message from CapSoft: Who is sending message
If you search on Google for PDF Creator (with space between PDF and Creator) you’ll probably see impostors’ names among sponsored links and then open source PDFCreator:
Impostors on Google search results list, sponsored links
If you search on Google for PDFCreator (without space between PDF and Creator):
Search on Google for PDFCreator (without space between PDF and Creator)
I use McAfee Site Advisor and it gives green check mark to CaspSoft’s web site. It should mean that downloads from this site are safe, but there are complains about it on McAfee Site http://www.siteadvisor.com/sites/www-pdfcreator.comwhich claims that it is connected to red domains and also related to phishing and other scams. Note dash between www and pdfcreator instead of usual www and then dot.
Here is partial screen shoot in time of writing this post:
McAfee Site about www-pdfcreator.com
And finally: be very careful with names of software and what you are downloading and installing.
Loading ...
Pingback: wikipedia » Tricked by Wrong PDFCreator Publisher | Dragan on Security
Hi Dragan,
This is John K. from CapSoft, Inc. publishers of PDF Creator located at http://www.pdfcreator.com/
As with any story there are two sides to consider and hear out. I feel it would be appropriate to let us respond to your allegations as you never brought your concerns to our attention. Furthermore, your research into finding facts on the situation seems to be non-existent and instead you crucify us for your own faulty misguided assumptions.
I feel the first point to note is that no one person or company holds Trademark claim to the term “PDF Creator”. Anyone and any business has the fair right to use this generic term. This name has been used before the Open Source project of “PDFCreator” and has been used since then. This is fair and legal, it’s capitalism and it’s what makes America great.
To imply that the Open Source project “PDFCreator” is sole owner and original developer of such a term is false. You’ve portrayed us as mimicking or copying when we are our own unique product from start to finish. We legally and rightfully use the name “PDF Creator” much like many other businesses and individuals, including the Open Source project “PDFCreator”.
You start your post by saying “I was tricked by CapSoft recently.”. I’d like to ask if you can explain at which point did we trick you? I only see you making a lot of assumptions and not performing due diligence on obvious signs of discrepancies that you so clearly note in your post.
Statements of Trickery:
1. “In those circumstances, I missed to check if that version and the PDF website, which I easily goggled, was the appropriate one.”
You clearly stated that you did not check to see if the version and PDF website was the correct one. Please explain how we tricked you when you did not even check?
2. “I spotted that Web site looks a strange, but I thought they changed it since previous time I downloaded PDFCreator.”
You obviously knew something looked strange. If this was the case then why did you not confirm you’re at the correct website? You ignored all signs that things were not what you expected but you continued on any way. Please explain how we tricked you?
3. “Unfortunately, I wasn’t to carefull, downloaded, installed that PDF Creator and started to use it.”
You clearly state that you were not careful during this whole process. Please explain how we tricked you when you clearly weren’t careful of what you were doing. Please explain how we tricked you?
4. “Needless to say that user interface is different, behavior is slightly different but I persuaded myself that it is because of newer version.”
Again, you clearly identify that everything is not as it should, but, again, you persuaded YOURSELF that everything was ok. Please explain how we tricked you?
—————————
It’s obvious that we did not trick you and that you tricked YOURSELF.
Everything (and I mean everything website, software, emails) is telling you this is NOT “PDFCreator” the Open Source project like you think. Yet for some reason you ignore all obvious logic telling you this is not what you think it is.
You make several notes to our domain http://www-pdfcreator.com and that it’s phishing. Did you not bother to check to see who the owners of http://www.pdfcreator.com actually were? I imagine you’ll be surprised to see that we are the owners of the domain. Are you implying that we are phishing our own website or copying our own name? That just does not make any sense.
As I see it you were too lazy to respond to your brain telling you this is not what you think it is and then when you didn’t get what you expected you looked for someone else to blame instead of taking responsibility for your own laziness.
Dear John,
Thank you for pointing to my laziness. :)
Anyway, I would appreciate if you answer next question for me and readers of this blog:
Is there any malicious behavior (virus, trojan, logic bomb, warm, rootkit, adware, spyware or similar) which you built in your PDF Creator software as part of its “functionality”?
Thank you,
Dragan
P.S. John, just to let you know that Akismet had considered your comment as spam before I looked into its queue and moved to regular comments.
Dragan,
Our software is 100% clean and contains no virus, trojan, logic bomb, worm, rootkit, adware, spyware, or anything malicious.
If this software is on the up and up then why did I get an email from them with this in the subject line ” Hotel for you fucking ” with information about some hotels in Africa? This hardly seems like something you would get from a reputable company. So I would like a real answer about this software because I think the initial post is correct and that this is some kind of malicious software posing as a pdf creator. If you like I can forward this email to whoever would like it just so you can see that I am not just blowing smoke.