Microsoft has designed a new user interface for Windows 8, with an emphasis on bright colours and friendliness.
Personally, the interface (dubbed “Metro”) reminds me of a child’s toy.
One of the interesting features of the Metro user interface is that apps are designed to be full-screen, without any surrounding furniture. That means you won’t see scroll bars and the like, unless you interact with the interface.
One has to wonder whether this will lead to a wave of new scareware/fake anti-virus attacks.
Currently, malicious hackers poison webpages to display what appears to be a warning about malware found on your computer – tricking users into downloading software. The initial alert pops up in your web browser.
These phony alerts have proven to be a very effective way for cybercriminals to fool users into installing their malicious scareware. And it’s very likely we’ll continue to see hackers trick your browser into displaying bogus warning messages
But, with Windows 8, these browser-based fake anti-virus warnings will be shown full-screen, without the tell-tale visible signs that you’re in a browser.
That means meaning it may be even easier to convince a victim into believing they are viewing a genuine security alert from the operating system rather than simply a webpage pretending to be one.
Some will argue, no doubt, that Window 8’s Metro simplistic interface is a sign of progress, making the use of computers less threatening to those who are currently put off by complicated GUIs.
The view may be that people get confused between operating systems, apps and browsers – why not make them all look the same?
But these are the very people who are, perhaps, most likely to be tricked into believing that a fake anti-virus alert is genuine and blindly do whatever the computer screen is advising them to do.
It will certainly be interesting to see how cybercriminals evolve their social engineering attacks to take advantage of a Windows 8 Metro-interfaced world.
Blue screens, cute screens
One thing we’ve already seen is how Microsoft has – after many years – revamped their infamous blue screen of death. Now it’s a cute screen of death instead (and a slightly different shade of blue).
Wow, that’s real progress..
One wonders if the blue screen itself will become an attractive disguise for scammers and malicious hackers.
Will they attempt to duplicate the look of the now oh-so-friendly blue screen of death by popping it up in full screen browser sessions, tricking users into making bad decisions?
One thing we can be sure of – if the bad guys think they will make money effectively this way, they’ll do it.
Leave a reply