I can really understand why there are more infections with malware on computers running Windows than those that run other OSs. Firstly, there are of course less people using those other OSs, thus the distributors of malware naturally focus on the biggest pie first. But secondly, some of those malware installation scams are actually very well done.

Consider what I came across when I was researching digital cameras. Take a look at the top search result I got back from Yahoo for a completely innocent search query (click on the image to see a full-sized version):

Ok, so admittedly, the link title doesn't even say anything about the camera model I was searching for, but I tend to click on the top link anyway. Some sort of bad habit, I guess. Anyway, a new tab opened (I always open search results in tabs), and suddenly this pop-up appears out of nowhere:

This was done as a JavaScript alert/dialog pop-up, which is normally not stopped by pop-up blockers. Of course, being told that my computer is infected and that WinXP will now perform a scan is rather surprising, considering I am running GNU/Linux. And the annoying repetition of “FREE” (in all caps) is a bit of a give-away as well. Other than that, the dialog isn't brimming with spelling mistakes (I only found one) and doesn't use spam-speak, which lends it a bit of credibility.

Of course, no matter if you click 'cancel' or 'ok', the “scan” starts anyway. Take a look at this screen then (click on the image to see a full-sized version):

The green progress bar in the background? That actually was animated, showing me (very quickly) a list of the various files it was “scanning” (quite realistic looking). The expectedly devastating result, popping up in a very convincing looking WinXP themed 'window': My poor Ubuntu box was apparently riddled with Windows-only malware. Fortunately, the kind folks from that site offered to fix that for me. For FREE no less! Clicking anywhere on that page resulted in some more helpful information, just before the download of an EXE file started.

But of course, because I run GNU/Linux, I am merely offered the option to run this piece of malware under Wine! The resulting screenshot therefore was so funny (use Wine to run malware!), I just had to capture and share it (again, click on the image for a full-sized version):

It's easy to laugh about this, and it's also easy to make fun of those people who fall victim to these kinds of scams, or to go on about Windows being insecure. But we have to keep in mind that most users of the Windows computers out there are not technical, and that this site was well made and looked quite convincing. Similar scams targeted at other OSs would likely have the same chance to succeed if presented to a user of similar technical skill level.

Other related posts: