Preventing Applet Based Social Engineering Attacks
To help avoid this, Java applet windows are specifically labeled as such along with an ugly bar that says: "Warning: Applet Window" or "Unsigned Java Applet Window." The exact warning message varies from browser to browser but in any case should be sufficient to avoid the more obvious attacks on clueless users. It still suppose the user understands what "Unsigned Java Applet Window" means and that they shouldn't type their password or any sensitive information in like a window. User education is the first part of any real security policy.