Be Wary of Site Notifications

Many apps and website ask us to “Allow Notifications”. However, one should be wary of allowing notifications for all sites. While it may be good to limit the number of notifications on your phone for digital wellbeing, it may also be dangerous to allow untrusted notifications into your phone or device.

“…[S]everal dodgy firms are paying site owners to install their notification scripts and then selling that communications pathway to scammers and online hucksters.”

https://krebsonsecurity.com/2020/11/be-very-sparing-in-allowing-site-notifications/

What are Notifications?

Notifications are sent automatically to your device. These are typically used for social media, like Facebook or Instagram, when people interact with your posts. However, these types of notifications can happen on your computer too, outside of the web browser. Microsoft, Malwarebytes and other software will often use these push notifications when you need to update their software.

While these types of notifications can be useful when they come from a trusted company, not all users fully grasp what they are agreeing to when they elect to receive notifications.

Not all notification are legitimate

PushWelcome is one such notification provider that website developers can use. However, there is a catch for the user. By agreeing to these notifications, you are getting notifications from any of the company’s advertising partners. That’s right, any of PushWelcome’s “partners” can send you whatever information they want.

“And almost invariably, those messages include misleading notifications about security risks on the user’s system, prompts to install other software, ads for dating sites, erectile disfunction medications, and dubious investment opportunities.”

https://krebsonsecurity.com/2020/11/be-very-sparing-in-allowing-site-notifications/

The notifications are a sneaky way to deliver adware to unsuspecting users. The kicker is that it is not often detected by endpoint security programs, making this type if information very risky. Malwarebytes did attempt to warn its users about these notifications, and provided them a way to remove the notifications in a 2019 article.

You can see some very specific examples of these types of notifications on Krebs on Security Website. Want to stop notification prompts? The Verge published a great tutorial on stopping the notification prompts from showing up in your browser.

Search

Sign Up for Our Newsletter

Thank you for your interest in our newsletter! Fill in the form below to receive periodic updates on internet and website security, free cybersecurity posters, WordPress news, and more!

"*" indicates required fields

Name*

Your privacy is important to us. We do not share your information with anyone. You can opt out of our newsletter at any time.

Stay up to date with technology, scams, WordPress, and more. Follow CourseVector on Facebook today!