Over recent months, I’ve heard a lot from security experts and bloggers alike about spyware websites distributing their wares by way of fake screens that make users think they’re looking at errors and virus reports on their desktop. It’s an easy way to fool the less savvy into downloading malicious files, and all by convincing them they’re securing their computer or cleaning it up. I think it’s fair to say that there’s a general consensus that anything trying to fake a desktop look is going to be pretty bad.
So, what happens when a site tries to replicate your browser?
I was browsing a site called InformationWeek earlier — I’m not going to link to it, the amount of advertising is scary, and even worse on Internet Explorer — by way of Reddit. I was reading an article on green electric cars (not that it’s relevant) when my browser flashed up one of those little information bars across the top… or rather, I thought it was the browser. In a split second I’d moved my mouse to the top of the screen ready to click it away or get more info, when I suddenly realised it was a bloody advertisement.
Now, although my brain processed what it was faster than my finger in that instance, I might not have been so lucky if I’d been tired or if I wasn’t concentrating on what I was doing at the time. How many users could fall for a similar try by way of a styled yellow box flashing full screen across the browser, but instead of an advert… a link to spyware, or porn (big problem for kiddies), or something equally undesirable? I don’t see how impersonating the OS is any different to trying to impersonate the browser.
The irony? (Or I thought so…) The advert is for a seminar/event on security!