Network Security, Vulnerability Management

Study: Few internet users exercise caution


In a recent study, researchers found that most internet users are susceptible to tricks that could potentially open them up to attacks by malicious software.

Specifically, when faced with a pop-up warning, participants pressed the "OK" button in hopes the message would just go away. The study, Failure to Recognize Fake Internet Popup Warning Messages, was conducted by North Carolina State University psychology researchers, with 42 undergraduate students participating.

The students were given a "distracter task" of rating websites. During their task, four different warning messages popped up on their screen, three of which were fake messages from the browser. One, however, was a real Windows system error message, David Sharek, lead researcher of the study told on Thursday.

The fake messages said “Application Error – Microsoft Internet Explorer” at the top while real messages simply said “error.” One of the fake pop-up error messages flashed black and white.

Most of the time, participants clicked an “OK” button in the error messages instead of closing them using the "X" in the upper right corner.

The danger is that web fraudsters use fake pop-up warning messages to trick unsuspecting users. The participants' behavior suggests that people may not be able to recognize the difference between a real and fake error message.

“Falling prey to an illegitimate message could produce negative consequences that vary from bothersome computer performance to complete system failure,” the study said.

After the study, 42 percent of participants reported that they just wanted to “get rid of” the message. This may suggest that the annoyance of the pop-ups had something to do with the unsafe clicking behavior.

Though the majority of participants acted unsafely when exposed to pop-up error messages, the study doesn't necessarily draw any conclusions about how all internet users react to pop up messages. Since it was conducted on a lab computer, participants may have been less cautious than they would have been if they got the same message on their own computer, Sharek said. 

“All this study tells us is, it's a green light to investigate further,” Sharek said. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.