Most Web Users Unable to Spot Spyware

Ben writes "According to a Spyware Quiz conducted by McAfee SiteAdvisor , a staggering 97% of Internet users are just one click away from infecting their PCs with spyware. One interesting conclusion from this study showed that even users with a high "Spyware IQ" have a nearly 100% chance of visiting a dangerous site during 30 days of typical online searching and browsing activity."

And let me guess

[by Anonymous Coward]

McAfee will sell me the software to help save me.

Sorry

[Rick Zeman (15628)]

But Mac and Linux users comprise more than 3% of Internet users!

Bad quiz

[samtihen (798412)]

The quiz in question has you choose which of two sites, based on screenshots, has spyware. The sites were all for things like screen savers, song lyrics, and free game downloads. That is a terrible, terrible way to judge a users capability to determine if something has spyware.

Re:Bad quiz

[SocietyoftheFist (316444)]

When I saw the first question I laughed out loud. I guess they may be going on the domain name but the quiz is really bad. I took it and got 4 out of 8. I guess you are supposed to go research the sites because there reasonings for answers couldn't be gleaned from the screen shots. Funny, I've never had a virus or spyware on my machine, I don't allow automatic anything, and I failed! What a joke.

No kidding.

[Zerathdune (912589)]

I got a 5 of 8, and that's cheating by having heard of kazaa and emule. I doubt few people would have seen through the "NO SPYWARE" label that was 2nd in size only to the word Kazaa, without prior knowledge, but I bet a lot more would have been able to figure it out from seeing the actual site, not a 798 x 600 screenshot (what a random number,) and I bet even more are smart enough to not touch it if they don't know what it is, but this quiz doesn't account for any of that, and it pics the kind of sites that are visited mostly by the segment of the population who ISN'T educated about this stuff. screen savers, smilies, and pretty much anything that says it's free, but doesn't say open source - stay away or be very freakin' cautious.

let's go through the quiz (if you want to see for yourself untainted, do so before reading this):

the first 4 questions have you determine which of two sites is safe, based on screen shots.

question 1: choose between two screen saver distrobution sites. like all the others, it's just a screenshot, and doesn't even show the whole front page, let alone users look at other pages. the only decernable difference is that the first one looks more professional, so heeding the remarks in the article that said most users seem to think that means it's safe, and "reading between the lines," I picked the other one, since there was no logical way to decide. I was wrong.

question 2: smilies. the one on the right looked more professional, and said "NO UNWANTED SOFTWARE" in a very easily spotted location, with big letters, and the other in regular sized font, in the bottom right, had a half cut off message that pretty clearly stated (even with incompete sentances) that it contained spyware, so I picked the one on the right, this time with some actual info to go on. I was right.

question 3: free games. the sites had no noticeable differences in professionalism, no warnings or advertising of spyware freeness either way, nothing to go on that really made any sense to actually use, so I decided that TotallyFunFreeStuff was trying to hard, and was probably hiding something, and picked the other. I was right.

question 4: Lyrics. important to note that this one used active X, so it's irrelevant to anyone who's not dumb enough to still regularly use IE anyways, which now that I mention it, I think I'll soon put a rant about McAffee and that that in my Journal (will be a first entry,) but it's to much of a tangent for this post. anyways, the one on the left looked more professional, and the one on the right had a "firefox blocked a popup" message on it, so I picked the left (entirely because of the message, I continue to mention the professionalism because the article made a stink about it.) I'd like to note that the thing I took as a tip off wouldn't be availible if I were seceptable to this at all, as it's a firefox message, which doesn't do active X. In any case, I was wrong.

the last 4 questions had you determine whether a file sharing program was safe based on the usual screenshot of the webpage.

Bearshare: site looks professional, there's a link for a "FREE Sponsored version," sponsored sets off a red flag in my mind, I say no. I'm right.

eMule: worst site design of the four astheticly, says it's open source, I've heard of it, I say yes. I'm right.

blubster: pretty sleek front page design, though it feels like a splash screen, so there's almost no information. nothing to go on really except that it says it's 100% free, which given the fact that OSS/Free software tends to advertize itself as such, and they didn't, probably meant add supported, but for some incomprehensible reason I still picked yes. I'm wrong.

Kazaa: slick page, big "NO SPYWARE" label on the font page, there's a main section for the privacy thing, which I bet a lot of people would have looked at if it were a page, not a picture, but instead just trusted it because the label was all they had to go on. I was familiar with the software though, so

Re:Bad quiz

[quentin_quayle (868719)]

Right. It's more like "Assuming you are going to download an exe of some frivolous applet, and install it as Administrator on Windows, on a whim, which site will you get it from?"

If this applies to you, you've already flunked the real-world test. If they had a third option "I'll get software only when it's important, and then only from sources I've thoroughly researched and have objective reason to trust" - then this quiz would be a public service. As is, it just encourages the proliferation of Windows malware.

Sure

[TheRealMindChild (743925)]

One interesting conclusion from this study showed that even users with a high "Spyware IQ" have a nearly 100% chance of visiting a dangerous site during 30 days of typical online searching and browsing activity.

Sure, we like to visit places like http://www.cracks.am [cracks.am], who actually write their own spyware. But I am not so sure that qualifies me as ever installing any of their garbage.

This looks like an interesting article

[TechnoGuyRob (926031)]

*Click*

Stupid quiz as usual

[MalleusEBHC (597600)]

This is just like a "spot the phishing email" quiz I saw. Just looking at a picture gives you no context. Did you get the link from a reliable source? What OS/browser are you running. (I'm definitely more willing to check out something suspicious in Safari than Internet Explorer.) Are you dumb enough to download and run something from the site.

This is an idiotic quiz.

[aussersterne (212916)]

It contains no technical information or interactivity whatsoever. No status bar information, no ability to view page source, just screen grabs of random web sites.

This is a completely invalid, unsound test, as there is no technical way to determine the presence of malicious software simply by looking at a page as it initially loads in the absence of any ability to interact with it or at the very freaking least scroll up or down or hover a mouse... sheesh...

It's like blindfolding someone and then blaming them for not being able to catch a baseball pitch, facing away from the thrower, with their bare hands. Of course they won't be able to, if you take away every single useful tool for them to accomplish the task.

Flawed quiz

[siwelwerd (869956)]

This quiz doesn't measure anything. Where's the option for "Both of these look suspicious and I wouldn't go near either of them"?

Re:Flawed quiz

[Smallpond (221300)]

It measures two things:

1) How many people will stay interested enough to finish the quiz.

2) Free focus group when article is posted on /.

Requires javascript.

[jZnat (793348)]

Since the quiz requires JavaScript, and since I have that by default disabled, I think I passed the test.

Not sure I agree with their methods

[Digital_Quartz (75366)]

The quiz (http://www.siteadvisor.com/quizzes/spyware_0306.h tml [siteadvisor.com]) asks questions like "Which of these smiley download sites is safe?" The answer I'd pick is "I don't care which one is safe, I wouldn't ever download something so pointless and high risk to begin with", but that option isn't available.

Re:Not sure I agree with their methods

[ucblockhead (63650)]

Exactly. It's like saying "One of these prostitutes as herpes and the other is clean! If you can't tell the difference, you need to buy one of our prostitute STD test kits before leaving the house or you WILL be infected!!!"

Missing Poll Option

[rcw-home (122017)]

For questions 1-4: None Of The Above!

Seriously, is McAfee trying to imply that some executable code you download off the Internet from people/organizations of unknown repute is safe?

BTW, if 3% of people answered their questions correctly, that means that 5 of 8 questions effectively had 50% odds. For example, if 50% of people were able to get questions 5-8 correct, and everyone just flipped a coin to answer questions 1-4, you'd get a 3% all-correct rate.

FireFox

[OctoberSky (888619)]

Notice the Top Right of any pic. Thier FireFox is out of date.

And that is just another reason I don't use McAfee.

Firefox when secured....

[ezratrumpet (937206)]

I came across a 7th grader who managed to load up a Win98 machine with 14 different pieces of spyware with 1 click in IE. We wiped the machine with an industrial strength removal program, installed Firefox, locked it down, and asked her to go out to the same website. NOTHING - not one single piece of spyware - got through on Firefox. At that moment, I converted for life.

Well, that's not too surprising, after all.

[ScrewMaster (602015)]

Most Web Users Unable to Spot Spyware

Well, I guess that's why they call it spyware, don't they. I mean, what kind of spy would be easy to spot? Wouldn't be a very good spy, now would he.

In other news...

[geobeck (924637)]

Most web users are unable to tell what browser they are using. Or operating system, for that matter.

Support: What web browser are you using?
User: Microsoft Excel.
Support: Okay, what operating system are you using?
User: Um... Dell?

Re:Wait...

[topham (32406)]

The correct way to look at it is to say that it only takes a split second of distraction to get a machine infected.

Re:Wait...

[Mistlefoot (636417)]

I've said it before and I'll say it again.

Maintain an up to date hosts file - the best I've found is from here - http://www.mvps.org/winhelp2002/hosts.htm.

Blocking a site from loading prevents - well prevents if from loading. What more can you ask for? If you keep your file up to date (their most recent hosts file is 6 days old) you certainly are preventing a lot of the risk.

Completely impractical

[EmbeddedJanitor (597831)]

... for most www users.

Most www users are not geeks and cannot tell the boundary between their computer and the internet, let alone know how to drive a hosts file etc. Any advice of this form is completely useless to most www users. If the computer says "click on this" they will. Don't expect them to tell the difference between something from MS or the OS and a phishing scheme or other attack.

It is also not reasonable to say that people should know this stuff to use the www. Nonsense! Do you need to know the difference between a knit and purl stich to wear a sweater? Do you need to know what advance and retard are to drive a car? Why the hell should you know what a hosts file is to use the www?

Re:Completely impractical

[Dr Tall (685787)]

It is also not reasonable to say that people should know this stuff to use the www. Nonsense! Do you need to know the difference between a knit and purl stich to wear a sweater? Do you need to know what advance and retard are to drive a car? Why the hell should you know what a hosts file is to use the www?

Because sweaters and cars work just fine without knowing much about their inner workings, and computers don't. Maybe it would be nice if the www didn't require competent users, but unfortunately it does.

Re:Wait...

[Mistlefoot (636417)]

The point is that this hosts file offers 11,000 lines worth of links - that link back to 127.0.0.1

You try to go to www.screensaver.com, for example - and you can't. What a wonderful sounding place to get a screensaver - but apparently it offers spyware or tracks you - don't believe and want to go anyhow? Turn off your hosts file or comment out the line. Simple.

You can read every entry. Nothing hidden. Simple. Preventative. Free. And nothing to install. What more can you ask for?