Afraid of the Dark (Patterns)? How to Recognize Deceptive UX Design

As dark patterns become more prevalent, consumers must learn to recognize and avoid these deceptive UX design traps.
We receive compensation from the products and services mentioned in this story, but the opinions are the author's own. Compensation may impact where offers appear. We have not included all available products or offers. Learn more about how we make money and our editorial policies.

When we think of user experience (UX) design, images of developers hard at work creating user-friendly websites and applications come to mind. Today's UX designers always prioritize the interface user's interests above all, designing for the easiest, user-friendly customer journey possible, right?

Well, not exactly. Today, many developers design interfaces with the company's best interests in mind, using “dark patterns” laden with deceptive language and misleading layouts to boost sales and even steal personal information from inattentive users.

In this article
What are dark patterns?
12 common types of dark patterns in UX
Is there legislation against dark patterns?
Why dark patterns ultimately don't work
Dark pattern FAQs
Bottom line

What are dark patterns?

Have you ever been signed up for a subscription you didn't want or had a purchase upgrade added because you failed to notice a default acceptance? How about being taken to undesired ad pages and signed up for a trial when you thought you were only requesting more information? And worse yet, feeling trapped and frustrated when there doesn't appear to be an easy way out?

If so, you most likely have been victimized by a dark pattern — “a user interface designed or manipulated with the substantial effect of subverting or impairing user autonomy, decision-making, or choice,” according to the California Consumer Privacy Act's most current definition.

In 2010, the U.K.-based UX specialist Harry Brignull created the term dark pattern to describe various types of deceptive designer practices that use tricky language and architecture to create an easy path for users to do what a company wants and a significantly more difficult route to do what isn't in the companies best interests.

Today, companies (looking at you Google, Facebook, Amazon, and LinkedIn) desperately want your data — and will do almost anything to get it. Many use default settings to automatically collect as much information as possible and make manually changing your privacy selections as unclear and complicated a process as they can.

Company websites also often use flowery language to frame how sharing your information benefits you and even go so far as to warn about how disabling cookies (embedded devices used to collect personal data and track browsing history) will lessen your user experience.

12 common types of dark patterns in UX

Dark patterns typically fall into four categories: preselection, nagging, hiding information, or subverting privacy. Preselection uses default selections to choose for the user; nagging bombards the user with constant pop-up notification requests; hiding information employs endless text and small print to disguise essential facts; and subverting privacy uses deceptive wording to induce users to give up more information than intended.

Many dark patterns have unfamiliar or confusing names, but they will make sense when explained below. The first line of consumer defense regarding dark patterns is recognition — so let's get started. Here are 12 of the most common dark patterns in practice today.

1. Bait and switch

Bait and switch is one of the most common dark pattern themes. The user will believe they're doing one thing but then they get a different and unexpected result. For example, clicking to learn more about a product but being taken to an ad page and signed up by default for a trial that will auto-renew unless canceled.

2. Hidden costs

Hidden costs are common and one of the more frustrating dark pattern themes. You will reach the last purchase checkout step only to discover your bill has unexpectedly grown with the silent addition of delivery charges, service fees, or taxes. The surprise and blatant deception of this dark pattern can quickly raise frustration and anger in even the most patient and loyal customer.

3. Friend spam

This dark pattern occurs when a company asks for an email or social media permission under a safe pretense, such as adding friends, but then uses this acceptance for a less innocent purpose, like spamming your contact list with a request that looks like it's coming from you.

LinkedIn infamously used this shady tactic — when you signed up for their service, they would spam your contact lists with LinkedIn ads that arrived from you, a trusted source.

4. Confirm shaming

This dark pattern employs human psychology and some strategic layout or language that plays on emotion to sway a user's decision. Examples would be a cancellation page placing a sad puppy picture next to the kill button or a discount decline option with the wording "No, thank you. I hate saving money."

5. Privacy zuckering

Named after Facebook creator Mark Zuckerberg, this dark pattern uses language deception and design trickery to coax users into sharing more personal information than intended or making it difficult for them to find and follow the steps restricting privacy.

Now companies use less obvious methods of data brokering with wordy term acceptance agreements (usually in extra small print) written in hopes you will skim over the critical words allowing the company to sell your data.

6. Misdirection

This dark pattern uses shiny design trickery to focus the user's attention in one area while attempting to distract it from another, often where something unwanted occurs.

An example would be clicking an option to cancel a service and arriving at a website detailing all the service's benefits and a significant discount offer accepted by default unless you uncheck an easily overlooked box. Hopefully, you notice the tiny and usually hidden option to cancel the service.

7. Disguised ads

This dark pattern is known for its deceptive practice of cleverly camouflaging wolf ads in sheep-content clothing. Deceptive user experience designers create ads resembling download buttons for desirable content, but upon clicking, users get blasted with a barrage of unwanted ads. Often these ads attempt to trick the users into signing up for a trial that will silently auto-renew unless canceled through a series of inconvenient steps.

8. Forced continuity

The forced continuity dark pattern is common with streaming platforms that frequently offer free trials, such as Hulu and Netflix. It occurs when a company offers a free trial that will silently auto-renew while providing no clear or easy steps for the user to cancel the trial.

Companies often justify auto-renewing as a means to maintain uninterrupted service. It's really just a way for the company to slyly continue billing the customer for a service they may not want.

9. Price comparison prevention

If you're like most customers, you appreciate the opportunity to compare prices when shopping to help score the best deal. You landing a better deal isn't in the interest of most companies that use confusing language and presentation to hide their actual prices.

This dark pattern is common with retailers that use different pricing bundles to make price comparisons of items in the bundle nearly impossible.

10. Basket sneaking

This dark pattern is popular with e-commerce sites. It occurs when a company unexpectedly adds items, usually upgrades or add-ons, to your shopping cart. If you fail to notice that the company selected the upgrade or add-on for you and don't uncheck the opt-in selection, the additional charge will process for something you didn't want or willingly choose.

Prepare for more aggravation, as the company's designers won't make reversing this unwanted charge obvious or easy for you.

11. Trick questions

Language is at play in this dark pattern — and the more confusing, the better. Companies know most people skim when reading customer agreements, so they use wording that may appear to say one thing but says another.

Deceptive wording can combine with the old default approval trick to coax you into agreeing to more than you wanted. For example, a company can ask for a donation you agree to, but you might miss the checkbox committing you to recurring contributions.

12. Roach motel

This dark pattern sounds ultra sinister — anything comparing consumers to roaches must come with extra unpleasantness. Unpleasant indeed, as a roach motel describes shady designer practices that make it \ easy to navigate where the company wants you to go but hard to find your way out.

This dark pattern is a favorite of e-commerce sites that focus on selling one thing, such as event tickets, which slyly auto-subscribes you to a magazine subscription when you make a purchase. You must catch the default acceptance and decline to avoid paying for a subscription you never wanted.

What happens if you miss the default acceptance and you need to cancel that unwanted subscription? You will need to locate the small print directing you to download and print a form to fill out and return via snail mail.

Is there legislation against dark patterns?

Dark patterns use deceptive language and design practices to mislead users, causing numerous problems for consumers and companies, so they should just be illegal, right? Well, they can be, depending on where you live and the specific nature of the dark pattern infractions.

Section 5 of the Federal Trade Commission (FTC) Act issues general umbrella protection by prohibiting "unfair or deceptive acts or practices in or affecting commerce." The FTC enforces other statutes, including the Restore Online Shoppers Confidence Act (ROSCA), CAN-SPAM act, and the Children's Online Privacy Protection Act, which many dark patterns could violate. Some dark patterns fall outside the FTC's existing regulations, and it falls on states to individually address the legality surrounding dark patterns.

California leads this effort with the California Consumer Privacy Act (CCPA), the first U.S. law that defines dark patterns and bans their use to subvert or impair the process for customers opting out of the sale of their personal information. The California Privacy Rights Act (CPRA), which began taking effect in 2023, extends the ban on dark patterns by forbidding their use for obtaining consent related to the processing of personal information and declares, "consent obtained through the use of dark patterns doesn't constitute consent."

Why dark patterns ultimately don't work

The short-term use of dark patterns can fool users into unwanted purchases, sign-ups, and unknowing deliverance of personal information. Employing dark patterns might help boost metrics and appear temporarily beneficial for a company, but it can also irreversibly damage the all-important customer experience.

Customers feel betrayed and disrespected when they realize a company used design trickery and deceitful wording to push them toward actions favoring company interests over their own. Using dark patterns often results in a frustrating user experience, damaged trust, poor brand reputation, and lost customers.

Dark patterns may appear to be a quick fix, but the ill will that is created when customers realize the company's deceit and manipulation just isn't worth it. It's far better for companies to respect their customers and website visitors, providing them with clear, transparent choices for a better customer experience to retain loyalty over the long haul.

Dark pattern FAQs


What are some examples of dark patterns?

Dark patterns are design practices that use presentation tricks and deceptive language to guide website or app users into doing something they don't necessarily intend to do. This action is ultimately beneficial for the parent company.

Dark patterns take many forms to influence users, and common examples include bait and switch, friend spam, misdirection, basket sneaking, cost hiding, forced continuity, disguised ads, trick questions, and confirm shaming.


Why are they called dark patterns?

The term dark pattern was coined in 2010 by UX specialist Harry Brignull, who has dedicated a website to helping educate consumers about the dangers of deceptive design patterns and how to identify and avoid them.

The sinister name likely came from the deceptive and manipulative nature of the UX designer practices companies use to influence customer behavior in line with their best business interests.


Should dark patterns be illegal?

This question is subjective — depending on whether you're a company that can arguably benefit (in the short term) or a consumer who can suffer loss and frustration from dark patterns.

Most neutral parties agree that a dark pattern's deceptive design removes user choice and should be illegal. Consumers should have a clear and transparent choice when navigating a company's interface without any design or language sorcery driving them toward a preferred outcome.

The current legal shift toward banning dark patterns is grounded in Section 5 of the FTC Act. Several state laws, such as the California Consumer Protection Act and California Consumer Privacy Act, have backed the trend by outlawing the use of dark patterns.

Bottom line

Today, companies that use dark patterns to influence interface user behavior stand to lose far more than they gain. Dark patterns inherently disrespect customers by attempting to compromise their autonomous right to choose, not to mention they can be frustrating and annoying. User trust and customer loyalty can be lost when short-sighted, metric-driven companies use dark patterns to influence their customers to benefit their business.

Education is the best defense against deceptive user interface design, dark patterns, and fraudulent online practices. Modern consumers must be well-schooled in recognizing and avoiding all types of e-commerce fraud as well as how to change their privacy settings to better protect against these practices. Please see our helpful article on dubious e-commerce practices and online shopping fraud for further information.

Customizable Coverage That is Simple to Use
Editorial Rating
Learn More
On NordVPN's website
Up to 66% off 2-year plans + 3 months extra
  • Ultra-secure, high-speed VPN complete with malware protection and automatic blocking of intrusive ads and third-party trackers
  • Other benefits include a premium password manager, dark web monitoring, and access to IP-restricted content
  • 3 plans to choose from for custom protection on up to 10 devices
  • Too many confusing plans

Author Details
Mark Knowles is a freelance tech content writer specializing in cybersecurity. His expertise includes DevSecOps, cyber risk management, and Zero Trust model security. Mark has completed numerous case studies, blog articles, and e-books for leading technology companies over the last eight years, with a focus on the cybersecurity vertical over the last five years. When not interviewing experts in the field or creating fresh cybersecurity content for organizations, Mark enjoys pushing the limits of fitness and personal growth while planning his next traveling adventure.