Sneaky Tactics: Making Adverts Look Like the Browser

13 comments

Over recent months, I’ve heard a lot from security experts and bloggers alike about spyware websites distributing their wares by way of fake screens that make users think they’re looking at errors and virus reports on their desktop. It’s an easy way to fool the less savvy into downloading malicious files, and all by convincing them they’re securing their computer or cleaning it up. I think it’s fair to say that there’s a general consensus that anything trying to fake a desktop look is going to be pretty bad.

So, what happens when a site tries to replicate your browser?

I was browsing a site called InformationWeek earlier — I’m not going to link to it, the amount of advertising is scary and worse so on Internet Explorer — by way of Reddit. I was reading an article on green electric cars (not that it’s relevant) when my browser flashed up one of those little information bars across the top… or rather, I thought it was the browser. In a split second I’d moved my mouse to the top of the screen ready to click it away or get more info, when I suddenly realised it was a bloody advertisement.

sneaky advertising tactics

Now, although my brain processed what it was faster than my finger in that instance, I may have not been so lucky if I’d been tired or if I wasn’t concentrating on what I was doing at the time. How many users could fall for a similar try by way of a styled yellow box flashing full screen across the browser, but instead of an advert… a link to spyware, or porn (big problem for kiddies), or something equally undesirable? I don’t see how impersonating the OS is any different to trying to impersonate the browser.

The irony? (Or I thought so…) the advert is for a seminar/event on security!

Jem Turner jem@jemjabella.co.uk +44(0)7521056376

13 comments so far

  1. Heather said:
    On October 9, 2008 at 10:43 pm

    I don’t know a whole lot about what’s okay and what’s not okay in the realm of internet advertising, but isn’t that kind of related to false advertising? Deceiving the consumer/public for self gain? I’m pretty sure these things are illegal at least in some places. I seem to remember awhile back that advertisements that mimicked browsers/OS had to have the word “advertisement” clearly marked on them. Hmm…

    But I’m talking out of my ass so who knows.

  2. Amy said:
    On October 9, 2008 at 11:04 pm

    It’s not just you, I see the irony, too. Oddly enough, just before I came across your site on Google Reader, I’d had to suddenly turn off my computer to avoid one of those virus protection scam things. Time to renew the Norton. :P

  3. Jessica said:
    On October 9, 2008 at 11:35 pm

    I’m one blog late on this, but I hope your sister feels better!

  4. Aimée said:
    On October 10, 2008 at 1:24 am

    I don’t think it’s worth trying to mimic browsers what with their diversity and whatnot. Thankfully I’ve never fallen for them… thus far!

  5. So Ching Hwa said:
    On October 10, 2008 at 2:30 am

    That’s not very fair. The entire mimicking browsers, I mean. Like, sometimes they have those popups that LOOK like browser alerts but aren’t. My mother sometimes clicks them. :)

    P.S. On your PHP Mail script, I keep getting spam mail. Should I just edit the install file to include the spammy words?

  6. Vera said:
    On October 10, 2008 at 6:19 am

    Creepy, most especially given how absent-minded I tend to be.

    I’ll have to pay twice as much attention from now on.

  7. Chans said:
    On October 10, 2008 at 7:11 am

    I will now have to try and explain to my parents (not so computer savvy) that they really need to be careful what they click ‘away’ when it comes to browser warnings, as it might be advertisement or spyware instead.

    Thanks for the warning Jem!

  8. Catherine said:
    On October 10, 2008 at 9:26 am

    Wow, that is creepy. I’ll have to keep an eye out for those just in case.

  9. Aaron said:
    On October 10, 2008 at 3:34 pm

    I hate desktop hijackers. They are simply the worst, especially since most smit fraud fixes aren’t updated frequently enough to be up to date with the latest hijacks. I have yet to come across a yellow bar advertisement, but that is incredibly sneaky. Another one I hate are those fake warnings on the taskbar that lead you to “virus protection” software websites.

    That is ironic how the advertisement was for a security seminar.

  10. Laura said:
    On October 10, 2008 at 6:10 pm

    I’ve seen this done before, and it’s annoying because I nearly always fall for it.

  11. Anita said:
    On October 10, 2008 at 10:52 pm

    I don’t think it’s ironic at all that it’s a security seminar. Psh, thats practily all of the advertisements I get. I once visited a site that, when you visit it, it automaticaly starts installing a so-called “virus protector” onto your computer, while ot gives you never-ending “OK boxes” (or whatever those little buggers are called) so you can’t cancil it. Whatever it was deleted my control panel so I had to reinstall Windows XP.

  12. Anita said:
    On October 10, 2008 at 10:53 pm

    *it
    *cancel
    *Practically
    Darn, I’m on a roll today.

  13. McKenna said:
    On October 13, 2008 at 2:06 am

    I agree with Heather. It seems like this kind of false advertising should be illegal, if it isn’t already. But unfortunately I don’t think that would stop the creators of the spyware, since people who try to track another internet user’s every move online couldn’t exactly be called honest….
    I wish the government would take more action to catch people who create viruses, spyware, adware, etc. It’s very disruptive and hazardous to any computer owner. I had an unfavorable experience back in Spring ’07 when my laptop PC got a virus and was rendered unusable. I was lucky I had backed up all my files, but if I hadn’t I would have lost everything.
    On a cheerier note, I really like this layout. I envy all the expertly rounded corners! :)