Study Shows Average User Is Pretty Stupid When It Comes to Popups
September 24, 2008 8:15 AM
The new study from the North Carolina State University's Psych department shows just how dumb the average user is when it comes to computer security. The study shows users are willing to do anything, including throwing security caution to the wind, to get rid of minor annoyances.
A new study is giving computer savvy users a look at the "other" users' behavior
You often wonder how users fall for seemingly obvious ploys -- you know, the letter from Makib in Ethiopia seeking for donations for an orphanage, or perhaps the most recent
fake ticket emails that claim to have your ticket in a ZIP file
. To the computer savvy, these silly attempts might make for a good morning laugh, but security experts say there's nothing to laugh about when millions of naïve users fall for the scheme and their computers become part of a botnet, used to
launch devastating DoS attacks
A new study from the Psychology Department of North Carolina State University gives some insight into just how
easily tricked many users are
. On compromised websites one form of malware distribution is through popup windows. If users click to dismiss them, they often download malware onto their computers. So just how many users would be tricked into clicking?
The researchers crafted 4 dialog boxes and exposed 42 college students to them in a normal browsing atmosphere. Each box contained the cryptic message "The instruction at '0x77f41d24 referenced memory at '0x595c2a4c." The first one bore the markings of a standard Windows dialog, but the remainder had noticeable differences that should have warned users that it was malware.
In each of the dialogs putting the mouse over the "OK" button turned the cursor into a hand, a sign that it was a browser control, not a Windows dialog. The dialogs also all had minimize and maximize buttons. Starting with the second one, a browser status bar was added to the bottom. Finally the last one was made blatantly obvious by text that flashed from black on a white background to white on a black background.
To properly lure the college students into the ruse, they created a series of fake medical websites in Flash. The students were told they were going to be quizzed on the information on the sites after the test. The popups were then activated as the students were browsing the sites.
Of the 42 college students, 26 clicked the "OK" button on the most normal looking dialog, 25 clicked on each of the more obvious fakes, and 23 clicked on the most obvious fake, the one with the flashing text. This study should be welcome news to malware crafters -- college educated users will click obviously dangerous dialogs over 50 percent of the time.
In all only 9 users closed the dialogs. The rest minimized them, or dragged them out of the way, risky behaviors, as the next user at the computer could be exposed to the dialog. The time between the dialog appearing and the user clicking remained approximately constant for all the dialogs. This seems to indicate that the users did not even think much before clicking the foreign message.
In follow up questions, over half of students said the dialog boxes were a distraction from the task at hand and they would do anything to get rid of them. The study seems to indicate that computer exposure, with lack of understanding has bred an atmosphere where users are unsurprised by dialogs and GUIs, and care little for their contents.
While the study's authors suggested education of students to warn them of these kind of dangers, the apathy of the students towards the dialogs seems to bring the fruits of such education into question.
The study is appearing soon in the journal
Proceedings of the Human Factors and Ergonomics Society.
"I mean, if you wanna break down someone's door, why don't you start with AT&T, for God sakes? They make your amazing phone unusable as a phone!" -- Jon Stewart on Apple and the iPhone
Hackers Inject Trojans Into Computers with Airline Ticket Scam
September 22, 2008, 10:11 AM
CNN.com Repels Hacker Attack After Coverage On Tibet
April 21, 2008, 9:55 AM
Google plans ultra-fast wireless Internet for Research Triangle Park, N.C.
August 12, 2016, 6:30 AM
Twitter Senior VP: "Diversity is Important, But We Can’t Lower the Bar"
November 9, 2015, 9:59 AM
CNN Resorts to Internet Censorship to Promote Clinton Over Senator Sanders
October 15, 2015, 2:47 PM
Breaking Bad: How to Crash Google's Chrome Browser With Just 8 Characters
September 23, 2015, 11:08 AM
Quick Note: Amazon UK Offers £10 Back on Any Order £50 or Over
August 3, 2015, 12:05 PM
Editorial: Reddit Allows Itself to be Hijacked as a Hate Platform For Racist Bigots
July 21, 2015, 6:32 PM
Most Popular Articles
Apple iOS Contains Secret One-handed Keyboard Code
October 22, 2016, 5:00 AM
The Unlocked Moto Z Play Launches for $449.99 Today.
October 22, 2016, 5:00 AM
The New HP Spectre: Revamped and Ready
October 23, 2016, 6:00 AM
New Way to Read Data on Ulta Hard Drives
October 23, 2016, 9:38 AM
Car Insurance - The Hidden Discriminatory Practise
October 18, 2016, 5:00 AM
Latest Blog Posts
From Time to Time, The Unbelievable and Unimaginable Happens!!!!
Oct 28, 2016, 4:56 AM
Key EpiPen Competitor Out in 2017 At ' Very Low' Cost
Oct 27, 2016, 5:30 AM
Researchers use CRISPR to Accelerate Search for HIV Cure
Oct 26, 2016, 5:00 AM
Medical Council of India Makes Generic Medicines Mandatory
Oct 25, 2016, 5:00 AM
MacBoo Pro 2016: Release date Oct. 27
Oct 24, 2016, 7:16 AM
Mac Users, Try this if Your Mac is Infected?
Oct 23, 2016, 7:00 AM
Tips to Prevent Smartphones From Overheating:
Oct 22, 2016, 5:00 AM
Nasa Flies Drones at Nevada Airport
Oct 21, 2016, 8:21 AM
T-Mobile Data Problems
Oct 20, 2016, 10:17 AM
Annoying Apple Watch Problems and How to Fix Them
Oct 20, 2016, 5:00 AM
Your Mail May Soon Be Delivered By Robot
Oct 19, 2016, 9:34 AM
2018 Jeep Wrangler Prototype Sells At Junkyard
Oct 18, 2016, 5:00 AM
Samsung Shines with Gold Edition Tablet
Oct 17, 2016, 9:24 AM
Tesla Hints Mysterious Product Debut for October 17th
Oct 16, 2016, 10:14 AM
Samsung Galaxy Note 7 Phones on US flights
Oct 15, 2016, 5:00 AM
Comcast Fined $2.3 Million For Unconfirmed Services Charged To Customers
Oct 14, 2016, 5:00 AM
“American singer / songwriter “Bob Dylan is awarded 2016 Nobel Prize in Literature.
Oct 13, 2016, 10:33 AM
More Blog Posts
Copyright 2016 DailyTech LLC. -
Terms, Conditions & Privacy Information