- Report finds humans spot malware with an 88% accuracy rate
- Additional tools like Task Manager can help them identify it even more
- There are still some pretty common misconceptions surrounding certificates
A new report from researchers at the University of Guelph and the University of Waterloo has uncovered a slight improvement in human detection of potential cybersecurity threats, but has warned we’re still missing too many signs.
The small study of 36 participants (split equally between basic, intermediate and advanced PC users) had them face six separate software samples, half of which included malware, with varying levels of assistance.
The participants already successfully scored an 88% malware detection accuracy when faced with the potential threats, but this improved even more to 94% with the use of an enhanced Task Manager interface, showing details like CPU usage, network activity and file access.
Humans aren’t too bad at detecting malware
Despite relatively strong detection, the researchers observed three key misconceptions.
Users commonly misinterpreted the UAC shield icon as a sign of security while also demonstrating a lack of understanding of digital certificates. They also noted an overthrust in file names and interface aesthetics.
Users’ detection techniques varied depending on their experience levels, with basic users relying heavily on superficial cues like icons, typos and aesthetics.
Intermediate users were able to improve their accuracy with additional system data, but advanced users often took a backwards step by over-analyzing threats, leading to false positives.
In this particular test, the researchers were able to identify 25 separate secondary indicators users use to determine whether something is a threat or not, on top of four primary indicators.
One of the paper’s limitations mentions the fact that the participants knew they were looking to identify malware – unsuspecting victims downloading files from the web aren’t often so lucky to have a heads-up.
Still, the research is especially valuable for developers, who can use the findings to tweak their software “to eradicate misconceptions and improve security related interfaces and notifications.”
You might also like
- New malware avoids antivirus detection, unleashes a “plague” on your devices
- We’ve listed the best endpoint protection software for a cybersecurity boost
- Check out the best ransomware protection
![[Aggregator] Downloaded image for imported item #27120](https://kcmicro.com/wp-content/uploads/2025/08/hLSddyokXZvuGnzgiURiaj-1280-80-800x500.jpg "[Aggregator] Downloaded image for imported item #27120")
![[Aggregator] Downloaded image for imported item #27101](https://kcmicro.com/wp-content/uploads/2025/08/gtbrQHFKwEGVF5Y3Ajpkpi-1280-80-800x500.jpg "[Aggregator] Downloaded image for imported item #27101")
![[Aggregator] Downloaded image for imported item #26989](https://kcmicro.com/wp-content/uploads/2025/08/j5YMwZuuKnvAXLyKBEmDrb-1280-80-800x500.jpg "[Aggregator] Downloaded image for imported item #26989")