Will Windows 8's new interface herald full-screen scareware?

sagarsg's picture
Microsoft has designed a new user interface for Windows 8, with an emphasis on bright colours and friendliness. Personally, the interface (dubbed "Metro") reminds me of a child's toy.

One of the interesting features of the Metro user interface is that
apps are designed to be full-screen, without any surrounding furniture.
That means you won't see scroll bars and the like, unless you interact
with the interface. One has to wonder whether this will lead to a wave of new scareware/fake anti-virus attacks. Currently, malicious hackers poison webpages to display what appears
to be a warning about malware found on your computer - tricking users
into downloading software. The initial alert pops up in your web
browser.


These phony alerts have proven to be a very effective way for
cybercriminals to fool users into installing their malicious scareware.
And it's very likely we'll continue to see hackers trick your browser
into displaying bogus warning messages But, with Windows 8, these browser-based fake anti-virus warnings
will be shown full-screen, without the tell-tale visible signs that
you're in a browser. That means meaning it may be even easier to convince a victim into
believing they are viewing a genuine security alert from the operating
system rather than simply a webpage pretending to be one. Some will argue, no doubt, that Window 8's Metro simplistic interface
is a sign of progress, making the use of computers less threatening to
those who are currently put off by complicated GUIs. The view may be that people get confused between operating systems, apps and browsers - why not make them all look the same? But these are the very people who are, perhaps, most likely to be
tricked into believing that a fake anti-virus alert is genuine and
blindly do whatever the computer screen is advising them to do. It will certainly be interesting to see how cybercriminals evolve
their social engineering attacks to take advantage of a Windows 8
Metro-interfaced world.

Source - http://nakedsecurity.sophos.com

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
6 + 5 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.