New study highlights risk of fake popup warnings for Internet users

Sep 22, 2008

A new study by researchers at North Carolina State University shows that most Internet users are unable to distinguish genuine popup warnings messages from false ones – even after repeated mistakes. The fake ones were designed to trick users into downloading harmful software.

"This study demonstrates how easy it is to fool people on the Web," says study co-author Dr. Michael S. Wogalter, professor of psychology at NC State. The study examined the responses of undergraduate students to real and fake warning messages while they did a series of search tasks on a personal computer connected to the Internet. The real warning messages simulated local Windows operating system warnings, whereas fake messages were popup messages emanating from an exterior source via the Internet.

The physical differences between the real and the fake messages were subtle, and most participants did not discern them. Participants were fooled by the fake messages 63 percent of the time, hitting the "OK" button in the message box when it appeared on the screen despite being told that some of what they would be seeing would be false.

The ways people responded could potentially open them up to malevolent software, such as spyware or a computer virus, Wogalter says. Safer options, such as simply closing the message box, were infrequently chosen. The study was led by psychology graduate student David Sharek and co-authored by undergraduate Cameron Swofford.

Wogalter notes that companies and other credible entities may want to incorporate additional unique features into the real messages to allow people to differentiate between genuine warning messages and fake popups. However, he says, "I don't know if you could develop a legitimate message that could not be duplicated and used illegitimately."

Wogalter says the results of the study highlight the need to educate Internet users to be cautious. "Be suspicious when things pop up," Wogalter says. "Don't click OK – close the box instead."

Source: North Carolina State University

Explore further: Mozilla says HTTPS is the way forward for the Web

Related Stories

Can phone companies do more to block robocalls?

Apr 07, 2015

Jeri Vargas put her elderly mother on the "Do Not Call" list years ago. So why is the 88-year-old woman with Alzheimer's disease still getting several recorded phone calls a day pitching her everything from ...

Buying fake accounts won't get you anywhere on Twitter

Jan 15, 2015

Two of Scotland's leading politicians illustrate an interesting phenomenon on Twitter. In the wake of the Scottish National Party's surge in popularity following the independence referendum, Nicola Sturgeon ...

Experts see Korean parallels in Sony hack

Dec 04, 2014

Some cybersecurity experts say they've found striking similarities between the code used in the hack of Sony Pictures Entertainment and attacks blamed on North Korea which targeted South Korean companies ...

Recommended for you

Mozilla says HTTPS is the way forward for the Web

4 hours ago

The web developer community can hear a rallying cry loud and clear :Let's hear it for web security. Mozilla, the group behind the browser Firefox, is turning up the volume by saying enough's enough with non-secure ...

Facebook opens up Internet.org after neutrality flap

5 hours ago

Facebook said Monday it was opening up Internet.org, which provides connectivity to people in developing nations, to outside applications following a controversy over its limited set of online services.

Parents experience FOMO on Internet speak

May 01, 2015

If you tell your mum she's fleek, she probably won't get the compliment—social media is driving a rapid evolution of the English language that is leaving parents baffled, a study suggested Friday.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.