Those Pesky Popups: What You Need to Know About Push Notifications

____ Are you bombarded with annoying popups in the corner of your screen? These “popups” actually aren’t popups at all. They’re called Push Notifications, and if you use the internet at all, you’re a potential victim.__ __

Several years ago, browser push notifications were introduced as a helpful tool for site owners to keep their visitors informed with regular updates. When used sparingly, push notifications can be a really helpful feature. Today, they bombard users with unsolicited ads, encourage software downloads, and act as a gateway for fraud. These in-your-face notifications can quickly cloud your screen and require a lot of wasted time closing each one individually.

How Can I Recognize Malicious Push Notifications?

First, it’s important to distinguish between actual popups and push notifications. A popup is a brand-new browser window or tab that you didn’t intentionally open. Push notifications, on the other hand, are more like tooltips. They are messages independent of any open website.

Sometimes push notifications are super helpful. For example, if you’re trying to stay right on top of your email inbox, push notifications can alert you whenever a new email arrives. If you’ve been waiting on a special sale from your favorite store, you can allow them to inform you by push notifications as soon as it begins. Other times, push notifications are downright annoying and intrusive.

So, how can I recognize malicious push notifications?

• Advertisements pop up in places where they shouldn’t, such as in the corner of your browser window or on your desktop, even when your browser is closed.
• When you look at these advertisements, the URL shown on the push notification doesn’t match the product that’s being advertised.
• Your browser home page changes without your permission.
• Websites you used without problem in the past have stopped displaying properly, or you find yourself redirected to another website altogether.
• You find programs installed on your computer that you don’t remember installing.

What harm do push notifications cause?

In addition to being incredibly annoying and time-consuming to remove, the effects of push notifications range from “mildly aggravating” to “potential for identity theft”.

The least harmful are the clickbait notifications. These might advertise articles with outrageous claims or that broach sensitive social topics. Some might include scam notifications--lottery wins, for example, or financial incentives in exchange for providing feedback or completing a survey. These notifications typically urge you to do something under the guise that it’s for YOUR benefit. The goal of these notifications is typically to execute a phishing scam, allowing a scammer to benefit from the use of or sale of your personal or financial information or to get you to click on something that authorizes scammers to send additional push notifications.

Another approach used by scammers is to disguise their popups as system notifications. These might include alerts that your antivirus program expired, that your computer is infected with a virus, or that you need to update software. These popups prompt users to initiate a download under the guise that it’s a PC Cleaning utility, antivirus program, or software update. In reality, these downloads include malware that can allow scammers to perform nearly any action on your computer, including downloading additional malware, viewing sensitive files, and accessing financial information.

Malvertising is a type of malware that aggressively pushes advertising onto users. Scammers don’t care that they’re so annoying that you’ll never buy the product. They benefit from a “pay-per-view” model. The more advertisements they put in front of you, the more they get paid.

How did they get there?

Push notifications require users’ consent in order to start sending notifications. That said, while the cause may have been as simple as pressing “allow” when a site asked if they could provide you with important updates, attackers have come up with several ways to trick users into signing up for these pesky notifications.

Some of these ways include:

• Misrepresenting the consent as a CAPTCHA
• Switching the “accept” and “decline” buttons mid-action, showing notifications from phishing copies of well-known websites
• Showing fraudulent subscribe popups on websites by blocking the content you wanted to view with a popup window requiring you to click “Allow” to view the content.

How do I stop them?

Because there are so many sources of push notifications, they can be very tricky to remove. First and foremost, to avoid receiving even more notifications, when a website asks for permission to send updates or asks you to subscribe to push notifications, decline the offer or simply x out of the window. Also, avoid downloading anything that isn’t essential, and that doesn’t come from a trusted source, as malware is often packaged in with unofficial downloads.

To stop push notifications that have already been authorized:

1. Activate Guardio. Guardio is a browser protection program that blocks malicious push notifications from appearing. It also protects you by blocking any clones of websites that may trick you into allowing notifications and malware, scams, and other online threats that can all compromise your safety online.
2. Type chrome://settings/content/notifications?search=notifications into your URL bar. This shows a list of websites you allowed to send you push notifications, as well as the list of websites you blocked push notifications from. If you see one you don’t remember approving or wish to take back permission from, just click the vertical dots bar for that domain and select ‘Remove’.
3. Turn all push notifications off using these instructions provided by Google
4. If you’re having trouble stopping popups after following these instructions, reach out to Guardio’s support team at support@guard.io. Our support team works one on one with any Guardio member to help find the source and stop those popups.