{"id":39954,"date":"2023-07-04T15:44:41","date_gmt":"2023-07-04T19:44:41","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=39954"},"modified":"2023-07-04T15:44:41","modified_gmt":"2023-07-04T19:44:41","slug":"abusive-web-notifications","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2023\/07\/04\/abusive-web-notifications\/","title":{"rendered":"Abusive Web Notifications"},"content":{"rendered":"

Adam Engst<\/a>:<\/p>\n

\n

These attempts to phish you by notification are malware, plain and simple—the form known as adware. The alerts try to trick users into visiting a fake website and entering login credentials or credit card information to facilitate identity theft, just like a phishing attempt via email. Attempting to eliminate the notifications by running anti-malware apps like Malwarebytes, DetectX Swift, or VirusBarrier won’t work.<\/p>\n

[…]<\/p>\n

Unlike regular malware, notification adware doesn’t require an infection, so anti-malware software has nothing to find or remove. Instead, notification adware exploits the capability of Web browsers to let websites display system-level notifications just like native apps. No one would intentionally sign up for adware notifications, of course, but websites can—and increasingly do—ask users if they’d like to receive notifications.<\/p>\n<\/blockquote>\n

There are also fake notifications that appear within the browser window and look like system notifications—but usually using the design of a few years ago. These will show up without any prompting and are good at tricking people, in my experience.<\/p>\n

Previously:<\/p>\n