Malvertising!
It's a word that sucks.
Most browsers, websites, and apps use push notifications as a form of marketing and in general these “Allow Website Notifications” are fine as they simply let web developers notify users when new content is posted. However, over the last few years, criminals have been misusing these notifications to hide malware, a tactic known as “malvertising”. Malvertising works when users open a website with “Allow Website Notifications” and are faced with a pop-up asking for permission to display notifications. If users agree, their choices are saved in browser options and criminals are then able to continually feed them with unwanted ads. These intrusive ads can in turn lead to malicious websites and can even run scripts that install malware. Some sites ask to “enable notifications, otherwise content will not be displayed”. When the user declines, the pop-up keeps appearing until the website is closed. These notifications to display content are merely trying to trick users into clicking “Allow”.
Even with an adblocker installed, malicious push notifications can still get through as I have seen on many of my customers’ computers.
Typical signs that the push notifications you are getting are malicious are:
- Ads appear in places where they shouldn’t, e.g. your desktop, even when the browser is closed.
- The browser home page changes without your permission.
- Websites you used to visit are now not displaying properly, or you are redirected to another address.
- You get pop-ups which advertise fake software or updates, or warnings that you are infected, followed by prompts to install a specific clean-up tool (DON’T!).
- Apps and programs are installed on your PC that you don’t remember installing.
Don’t worry, they can be removed:
Google Chrome – go to Settings, click on the Advanced arrow to reveal Privacy and security, go to Site settings then Notifications to see the list of websites you allowed to send you push notifications, as well as the list of websites you blocked push notifications from. If you see one you don’t remember approving or wish to take back permission from, click the vertical dots bar for that domain and select ‘Remove’.
Microsoft Edge – Click on Settings and more button at the top right corner, then click on Settings. Click on Cookies and Site permissions on the left side, then scroll down to notifications on the right hand side and click on it. Then turn off Ask Before Sending.
Mozilla Firefox – click on Options from the drop-down menu, then choose Privacy & Security from the list at the top left. Scroll down until you come to Permissions, click on the Settings button for notifications and you can see all the websites you allowed pop-ups from.
Finish by scanning your PC and cleaning it up with professional anti-malware software. To prevent infections with malicious push notifications, be cautious. Keep the list of websites from which you accept push notifications short and NEVER go online unprotected.