Preventing Applet Based Social Engineering Attacks
To help prevent this,
Java applet windows are specifically labeled as such with an
ugly bar that says: "Warning: Applet Window" or "Unsigned Java
Applet Window." The exact warning message varies from browser to
browser but in any case should be enough to prevent the more
obvious attacks on clueless users. It still assumes the user
understands what "Unsigned Java Applet Window" means and that
they shouldn't type their password or any sensitive information
in such a window. User education is the first part of any real
security policy.
Previous | Next | Top
Last Modified June 15, 1998
Copyright 1997, 1998 Elliotte Rusty Harold
elharo@metalab.unc.edu