More and more immersive environments support third-party apps, leading to concerns about the trustworthiness of user interfaces (UIs), which attackers could exploit, endangering users. Although security warnings effectively safeguard users by highlighting risks, most studies primarily target security indicators for app transitions in virtual reality. Our research broadens this focus by providing a systematic, data-driven investigation of security warnings for third-party applications in immersive environments. We analyzed a decade's worth of top VR interactions and security conference findings and assessed the top 10 free VR apps from two leading stores each. From our design process, we implemented four warnings. Through two user studies involving 61 participants, we measured their responses to these warnings during virtual object interactions. Our findings indicate that a red glow on an object was the most effective warning, frequently associated with danger, while pop-up warnings were the least effective.