This document summarizes a study that tested how susceptible users are to entering their passwords into fake password dialog boxes created by attackers. Researchers created fake password dialogs mimicking Windows and Mac operating systems and found that 15-35% of participants entered their real passwords. While some users detected the spoofing, many were either oblivious or compromised. The researchers conclude that users have difficulty determining whether information comes from the actual OS or an attacker. Future work should focus on designing security dialogs that better capture users' attention.