Malicious browser notifications are one of the most common scams we see these days. They often take the form of bogus virus alerts that seem to come from Windows or antivirus software. In reality, they’re just the latest form of pop-up ads. We’ve seen a huge uptick of these cases in recent months, so let’s take a look at how they function and how to avoid them.
The above image is an example of how these notifications get enabled. Most often, it won’t be the site itself asking, but rather an ad on the page – but at a glance, it can be hard to notice the difference. There is almost never a good reason to Allow notifications on a website. As soon as you press “Allow,” it gives the website permissions to display notifications – even if you aren’t on that page any longer. These display as notifications from the taskbar tray, making them seem like legitimate Windows notifications despite being anything but.
These are the sorts of notifications that will start popping up. Either they will state the PC is infected, or that antivirus has been disabled, or some other call to action that urgently demands the user click to resolve the problem. These links often lead to bogus support sites, which will claim that the user must call a “technician” to fix their PC. These “technicians” are often scammers who will access the PC to install actual malware, or in some cases, they will directly manipulate the user to transfer bank funds or other sensitive information in order to “protect” it. In many cases, banks will not reimburse these funds since they were “willingly” transferred, so it is vital to be wary of these scams.
The simplest course of action is to just click “Block” on any webpage notification request. There’s no need for most websites to show notifications – the valid use cases are very limited, such as Outlook on web. In the event that you’ve accidentally enabled these notifications for a site, you can check under your web browser’s Settings page – usually there are specific Site Settings that will show any allowed notifications. In Google Chrome, this is under Settings > Privacy and security > Site settings.
Of course, you should have a trusted IT advisor like Layered Systems on your side, to help mitigate and resolve any potential breaches. Contact Us today to learn how we can help better secure your systems and network.
