EN
This article is from Trend Micro.
Web push notifications (also called browser push notifications) are a web browser feature that allows websites to send notifications to users regardless of which sites they have open, and sometimes even if their browsers are closed altogether! They are super-powerful and really handy, but scammers have been exploiting the feature to promote unwanted ads and scam sites, and even send out malicious links containing malware.
If you receive a notification from a malicious website and grant it the permissions it is requesting, you will start to be bombarded by notifications in the bottom right of your screen with fake alerts, messages from fake dating sites, and adverts for products that ARE ALMOST CERTAINLY SCAMS.
Examples of fake notifications
There are two methods that scammers use to get their malicious notifications on to websites. The first requires the exploitation of a hole in a website’s security. The security flaw allows malicious code to be injected into the site that redirects users to a malicious page. On that page, the users are then tricked into enabling the nefarious browser notifications.
The second method is a lot simpler; some websites cooperate with the scammers and willingly inject the redirection code into their sites – presumably for a fee.
Beware of websites that offer illegal content such as:
Malicious notifications are regularly found on porn sites, too.
Whenever you visit a site infected with malicious web browser notifications, you will often be randomly redirected to a page asking you to click “Allow”. The site will almost always tell you that you need to do so before you can view certain content or before you can use a certain feature of the site.
For example, on illegal streaming sites, you will often be redirected to a page containing a fake video player and asked to click on the “Allow” button before you can play the video.
1. After you pin the Trend Micro Check browser extension, it will block dangerous sites for you automatically:
2. Trend Micro Check on WhatsApp:
Send a link or a screenshot of suspicious text messages to Trend Micro Check on WhatsApp for immediate scam detection:
Download Trend Micro Maximum Security for even more protection, including Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection. Gain access to the Privacy Scanner for Facebook and Twitter, Social Networking Protection, and Parental Controls, too. Click the button below to give it a try:
Here’s what you need to type into your web browser’s address bar (don’t type the quotation marks):
Chrome: “chrome://settings/content/notifications”
Firefox: “about:preferences#privacy”
Microsoft Edge: “edge://settings/content/notifications”
Once you’ve typed that in, hit Enter and you’ll be taken to a page where you can disable the malicious notifications.
