The Perils of FUI: Fake User Interface

The first thing I do with a new compy for the wife or family is to have her pick a completely nonstandard theme that she likes. That way, FUI sites that model their UI after the generic XP/Vista look stand out visually. She may not know what the website is trying to get her to do, but she can easily recognize that the OK button looks different than normal, and different == skeptical.

Antivirus is a scam. All it ever does is clean up a bunch of cookies. It slows your computer no matter what, unlike the chance of getting a virus, which can be quite low if you think before downloading.

The way I’ve got it set up, I boot with only 18 processes. If a virus came along, it’d be noticed.
Perhaps that’s a way of having a startup virus warning system: warn the user if the number of processes opened after x seconds after startup is equal to the number they usually have on startup.

If you are afraid of sharks, don’t go into the ocean…

What does that have to do with it?

These idiots that write all the attack, phishing, stealing and generally ‘just plain wrong’ software are the sharks…
And their fins sticking up out of the water are their UIs; so you better get good at spotting them on the approach, otherwise you’re gonna get bitten…

Jeff, great write up in this post, you would be surprised at how many people, us techies as well, never think about this particular type of attack, bravo!

I love how the text “Now performing system components scan” is way out of line. IE CSS styling issues, anyone?

I think most people here are missing the point, most USERS will be pulled into this scam as it appears at first glance to tell you something is wrong. Any self respecting user will click OK as it seems to be the best bet.

Always tell everybody you meet, never click ‘OK’ always click ‘Cancel’ and if in doubt ask…

I tried to click on a bitmapped UI today. :expressionless:

Always tell everybody you meet, never click ‘OK’ always click ‘Cancel’ and if in doubt ask…

Is that a good idea? How do you know what the ‘Cancel’ button will actually do? I’d tell them to always click the little red cross.

I got that fake virus scan UI a few months ago, simply by visiting The Drudge Report!!

It was launched by one of the pop-up ads. This is apparently a big problem, a game of whack-a-mole for ad servers.

It’s extremely worrisome, and I had contacted the site about it.

I was on Firefox on a Mac, so obviously I wasn’t fooled.
But imagine… a site that popular, and popular with people not necessarily tech savvy.

How many compromised websites are out there? Industry analysts have quoted something like just one in 30 websites is safe. Read more in the post Is Your Website Safe?
http://www.pcis.com/web/vvblog.nsf/dx/06122008033044PMVVIUEJ.htm

Well, assuming there is no exploit here, the only danger is downloading and running that executable. I’ve taught my parents well that just like in the real world on the streets of a large city, the web is full of crooks looking to scam you, so be cautious and alert of ANYTHING out of the ordinary. Basically, I’ve gotten my mom very familiarized with the concept of downloading files from Firefox, and to NOT click ‘OK’ on a download window that was not requested. In this case that would work, but obviously with major exploits that is not going to work.

Also, I can see how hacked legitimate websites are a really difficult thing to protect against.

On a related note, why in the BLEEP are you using Internet Explorer, for god’s sake?? The first thing I do for novice users is to immediately switch them to Firefox for basic security against most drive-by malware installs…

Great post with practical punch.

I’m not sure what the answer is. I’m pretty sure it’s not user education – that would never pass my Mom test (i.e. does it work for Mom). If prevention isn’t possible, then I wish alert/recovery was better, but I think that’s where backups/antivirus weigh in.

Tried to duplicate googling Michigan Regional Lily Society to get to the FUI. Apparently they’ve fixed it now.

This reference to the screenshot as desktop background reminded me of thewebsiteisdown.com if you haven’t seen it - it’s hilarious!

Use some obscure operating system that looks completely different, like MacOS. The scammers don’t target that OS because there is such a small percentage of people using it compared to Windows.

Hi to everyone:

While the Fake User Interface can be a burden for the users, it also CAN HELP the developer.

For example (a common example), a customer asks a developer for an x-application, but first he wants to see some screens. Of course it’s impossible, or requires too much effort and developer time, only to show some fancy screens (and the customer can retract their offer). So what’s the solution? To fake an interface: create an interface using Photoshop or any other graphics tool.

I got that fake virus scan UI a few months ago, simply by visiting The Drudge Report!!

There’s your problem right there. Seriously. This is a guy who exists to spread lies about the personal lives of people he disagrees with politically. You expect such a person to have moral qualms about taking money from questionable advertisers?

My webserver was also infected with the same malware, which could be due to some FTP client that I use!

The way they achieve it is by editing the .htaccess files and rewriting the redirect.
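
A defender-side check for the kind of .htaccess tampering mentioned in the comment above, as an added example that is not part of the original thread. It assumes the injected rules take the form of a `RewriteRule` pointing at an external host, often gated by a `RewriteCond` on the Referer or User-Agent; the sample file content, host names and function name are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Constructed sample: one normal rule plus an injected conditional redirect.
SAMPLE_HTACCESS = """\
RewriteEngine On
RewriteRule ^old-page$ /new-page [R=301,L]
RewriteCond %{HTTP_REFERER} .*(google|yahoo|bing)\\..* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} .*MSIE.* [NC]
RewriteRule ^(.*)$ http://redirect.example.invalid/scan.php [R=302,L]
"""

COND = re.compile(r"^\s*RewriteCond\s+(\S+)", re.I)
RULE = re.compile(r"^\s*RewriteRule\s+(\S+)\s+(\S+)", re.I)
VISITOR_VARS = ("HTTP_REFERER", "HTTP_USER_AGENT")

def audit_htaccess(text, own_hosts):
    """Flag RewriteRules whose target is a host not listed in own_hosts.

    Severity is 'high' when the rule is gated on Referer or User-Agent,
    meaning only some visitors are redirected and the owner may never see it.
    """
    findings, gated_by = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        cond = COND.match(line)
        if cond:
            # Remember visitor-dependent conditions until the next rule.
            gated_by += [v for v in VISITOR_VARS if v in cond.group(1).upper()]
            continue
        rule = RULE.match(line)
        if not rule:
            continue
        host = (urlparse(rule.group(2)).hostname or "").lower()
        if host and host not in own_hosts:
            findings.append({
                "line": lineno,
                "host": host,
                "gated_by": gated_by,
                "severity": "high" if gated_by else "review",
            })
        gated_by = []  # conditions apply only to the rule that follows them
    return findings

if __name__ == "__main__":
    for f in audit_htaccess(SAMPLE_HTACCESS, {"www.example.org"}):
        print(f)
```

Run it against every .htaccess under the web root, including ones in subdirectories, and compare the results with a known-good copy from backup or version control.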

how would you combat a perfectly spoofed FUI presented to a naive user?

I wouldn’t. If it is perfect (and we will see such FUIs), there’s nothing you can do.

I would focus on making sure that the user can recover well from the inevitable resulting infection.

I can’t wait for Macs to get enough market share to become a virus target.
brian on August 18, 2008 06:09 PM

Wow - that’s almost the kind of low-life misanthropic scumbag sentiment that would qualify you as one of these malware/spoofing goons. Congrats!

Yes, I know that there’s an annoying strand of Mac users who bleat on and on about how secure they are in their smug little world (they annoy the hell out of me too), but I wouldn’t wish this kind of misery (or the fear-mongering antivirus industry) on anyone - even smug Mac users.

(BTW, I am a Mac user who works with PCs all day long, and is thankful that Macs haven’t substantially caught the interest of the scumbags - /yet/).

The whole point of computers is to execute code. I should be able to safely download and run anything on my computer. The fact that you can’t shows what a disgrace all operating systems are in.

** And I could care less that *nix not running as root will stop me from trashing the machine completely. If all my files are readable / deletable / corruptible you might as well take down the entire machine. Whee, I can still boot, but all my files were scanned for info and uploaded to stealmyidentity.com.

It’s like going to an arcade where some of the machines will randomly cut your legs off at the knee, and you have no way of knowing in advance, regardless if you inserted your quarter or not.