An Overview of Social Engineering

Social engineering preys on the fact that humans are the weakest link in information security. This article explains the social engineering model, outlines the two categories of social engineering attacks, and discusses techniques for preventing and mitigating social engineering.

3. Social Engineering Attacks

3.9. Pop-Up Windows

In a pop-up window attack, a window appears on the victim’s screen announcing that the connection has been lost. The user reacts by re-entering their login information, which runs a malicious program that was already installed when the window appeared. This program forwards the login information to the remote attacker. Pop-ups can also be alert messages that show up randomly as online advertising to lure the victim into clicking on the window. They can be fake messages warning that a virus has been detected on the victim’s computer; the pop-up then prompts the victim to download and install the suggested anti-virus software to protect the computer. They can also be fake alerts stating that the computer’s storage is full and that it needs to be scanned and cleaned to free up space. The victim panics and reacts quickly to fix the problem, which activates the malware carried in the pop-up window.