From our front-page news:
We've all seen them... fake Windows dialogs that pop up when we visit a certain site, begging us to click the OK button to either download some security software, to acknowledge a fact or anything else that could walk the line of believability. The sad thing is that these pop-ups are likely one of the leading causes of installed malware, because most users don't actually read what's being said, or they might actually believe the warning.
A new study had researchers develop a set of four different fake pop-ups to see how fifty college students would react when one popped up on the screen. Sure enough, the majority either clicked through to acknowledge the pop-up, moved it out of the way, or simply closed it. The amount of time between the actual pop-up and the action from the user was proven to be very low, showing that users really don't take any time to see what's being said, or to verify its validity.
It goes without saying that this is one of those tricks that all your friends and family should know about. You might know the difference between a real dialog and a fake, but most people don't. That's the sad reality, and it's the reason so many security companies have a thriving business that won't be fading anytime soon.
In all cases, mousing over the "OK" button would cause the cursor to turn into a hand button, behavior more typical of a browser control; all dialogs also had minimize and maximize buttons, while a second added a browser status bar to the bottom of the window. Finally, the most blatant one alternated between black text and a white background and a white-on-black theme. All of these should metaphorically scream, "This is not safe!"
Source: Ars Technica
A new study had researchers develop a set of four different fake pop-ups to see how fifty college students would react when one popped up on the screen. Sure enough, the majority either clicked through to acknowledge the pop-up, moved it out of the way, or simply closed it. The amount of time between the actual pop-up and the action from the user was proven to be very low, showing that users really don't take any time to see what's being said, or to verify its validity.
It goes without saying that this is one of those tricks that all your friends and family should know about. You might know the difference between a real dialog and a fake, but most people don't. That's the sad reality, and it's the reason so many security companies have a thriving business that won't be fading anytime soon.
In all cases, mousing over the "OK" button would cause the cursor to turn into a hand button, behavior more typical of a browser control; all dialogs also had minimize and maximize buttons, while a second added a browser status bar to the bottom of the window. Finally, the most blatant one alternated between black text and a white background and a white-on-black theme. All of these should metaphorically scream, "This is not safe!"
Source: Ars Technica