Learn to Identify and Eliminate Phishing Notifications

ByEmily Dolloff

Email may be the most common form of phishing, but it’s not the only one. Modern Web browsers support a technology that enables websites to display system-level notifications just like regular apps. These push notifications have good uses, such as letting frequently updated websites inform users of new headlines, changed discussion threads, and more.

Unfortunately, push notifications can be subverted for malicious purposes, notably phishing. Here’s what happens. You visit a website that asks you if you’d like to receive notifications.

That request may be introduced with language that implies you must agree in order to get desired content, or it may be a bald-faced request to show notifications. If you agree, the website will be able to display alarming or deceptive phishing notifications even when it’s not open.

The goal is to trick you into clicking the notification, which will load a fake site that attempts to get you to enter login credentials or credit card information to facilitate identity theft.

The danger of phishing notifications is that they come from the system, so they may seem more legitimate than email messages trying to sucker you into revealing personal information. Nevertheless, as you can see in the examples above, they may still look sketchy in ways reminiscent of phishing emails:

  • No legitimate website would use emoji or symbols in a notification, much less multiple ones.
  • Although there are no glaring spelling or grammar mistakes, the use of all caps in the top notification is a giveaway. Similarly, standard notifications wouldn’t use exclamation points.
  • The use of “Click here” is poor information design that’s unlikely to come from a professional programmer or Web designer.

Phishing notifications, although problematic, aren’t a malware infection, and anti-malware packages won’t detect or remove them. Luckily, they’re easy to control and block in Safari and other Web browsers.

Prevent Phishing Notifications

The easy way to ensure you don’t see phishing notifications is to allow only trusted websites to send notifications. In general, we recommend keeping that list small so you’re not frequently interrupted by unnecessary notifications.

If you’re unsure that you’ll be able to identify malicious websites, you can enable a browser setting that prohibits all websites from asking for permission to send notifications. In Safari, choose Safari > Settings > Websites > Notifications, and deselect “Allow websites to ask for permission to send notifications” at the bottom.

Other browsers have similar options, and most will look like Google Chrome, as shown below:

  • Arc: Choose Arc > Settings > General > Notifications and select “Don’t allow sites to send notifications.”
  • Brave: Navigate to Brave > Settings > Privacy and Security > Site and Shield Settings > Notifications and select “Don’t allow sites to send notifications.”
  • Firefox: Go to Firefox > Settings > Privacy & Security > Notifications and select “Block new requests asking to allow notifications.”
  • Google Chrome: Navigate to Chrome > Settings > Privacy and Security > Site Settings > Notifications and select “Don’t allow sites to send notifications.”
  • Microsoft Edge: Choose Microsoft Edge > Settings > Cookies and Site Permissions > Notifications and turn off “Ask before sending.”

Browsers based on Chrome (everything except Firefox in the list above) offer a “Use quieter messaging” option that replaces the permission dialog with a bell icon next to the site name in the address bar—click it to allow notifications from that site.

Eliminating Phishing Notifications

Now you know how to prevent new sites from requesting permission to display notifications. What about sites that already have permission? It’s easy to block them in Safari’s Notifications settings screen. If you have any undesirable sites with Allow in the pop-up menu to the right of their name in the Notifications screen, choose Deny from that menu. You could remove the site instead, but that would allow it to ask for permission again.

Firefox’s interface is similar to Safari’s, but Chrome-based browsers have a different interface that separates the blocked and allowed sites. To block a website whose notifications you no longer want to receive, click the button to the right and choose Block. Again, you could remove undesirable sites if you prefer, but remember that if your notification settings ever change, doing so could allow the site to ask for permission once more.

Ultimately, it’s easy to avoid phishing notifications by paying attention as you browse the Web. Steer clear of websites that make an unexpected request to display notifications. Notifications aren’t necessary on hardly any websites, so there’s no harm in denying such requests unless you’re sure they’re legitimate.

(Featured image based on an original by iStock.com/tadamichi)

Social Media: Did you know that a phishing website can send you a notification right on your Mac? Learn how this could happen and how to prevent it in your favorite Web browser.

Similar Posts

  • Sonos and Apple Music

    A little over a week ago things became official: Apple Music is now available to those who use “**Sonos.**”:http://www.smalldog.com/category/?mmfg%5B0%5D=Sonos For some of us this wasn’t a huge announcement. I have been using the beta version now for several months and have been enjoying my Apple Music playlists as well as my own personal play lists on my iPhone. I have been a huge fan of Sonos for about two years and not being able to listen to Apple Music was my one complaint about the system, but not anymore!

    Apple Music isn’t the only great thing about Sonos either, did you know that you can also control your Sonos system from your computer? I admit, I didn’t realize this at first. With a huge focus on how easy the system is to set up and control from your iPad or iPhone, this is one feature that’s often overlooked. With a simple “App download”:http://www.sonos.com/controller-app on your computer, you can open up your entire (in most cases) music library for listening through your Sonos system. Another great feature of the Sonos App is the ability to set a sleep timer. If your someone who enjoys falling asleep to music, but prefers it doesn’t stay on all night this is a huge feature even if it is a bit hidden. The more info icon within the Sonos App hides a lot of features, including the sleep timer.

  • _Dear Friends,_

    I am off to Daytona for the 75th Bike Week. We went out to the 75th anniversary of the Sturgis Bike Week so it is only appropriate for us to hit the one sort of in our neighborhood, too. We will be riding on our 2003 Victory motorcycles and trying to avoid any big roads.

    Sugaring season in Vermont is well underway and this time of the year in Vermont always reminds me when we used to sugar the old-fashioned way. Now it is mostly pipelines and big sugaring operations but back when we lived in North Wolcott, Vermont I had a big work horse. The horse was kind of untrained but hitching her to the sled with the big heavy sap gathering tank made her behave. We would tap the trees by hand, hang buckets and as the sap began to flow we would tramp through the deep snow to empty the buckets into the tank. One horsepower was a lot of power as the horse would make her way through the sugar maples and the tank got full. We would take it to our makeshift sugaring arch and boil the sap into yummy syrup. Some of the best times! I still prefer the “grade b” syrup over fancy grade.

    This week’s Kibbles & Bytes exclusive brings back the “**Chill Pill six-pack special.**”:http://www.smalldog.com/wag900002006/ These little portable speakers have been around for a long time and I need to reduce our inventory. So, you can get 2 Black, 2 Red and 2 White Chill Pill speakers for only $29 this week. They make great gifts and are great for camping or just hanging out in the yard. Normally, they are $9.99 each but this week 6 for “**$29!**”:http://www.smalldog.com/wag900002006/

  • Hey Dora…

    So we have Siri and I’ve been playing around with Alexa (don’t tell Grace!) but now I have Dora, too. Dora is the computer from Robert Heinlein’s Time Enough for Love, The Number of the Beast, The Cat Who Walks Through Walls which were some of my favorite Sci-Fi as a kid.

    I was helping a customer that has pretty bad arthritis and struggled to use the keyboard. I was straightening out her email and getting her off of AOL (something we do often!) and noticed how difficult it was to type a simple email. So, I showed her dictation on the Mac and wow, it was like a light just got switched on. Dictation has come a long way and if your are on Mavericks, Yosemite or El Capitan, Apple’s enhanced dictation works wonderfully.

    Dictation will not be a satisfying experience for you if you have a lot of noise in the room, i.e. other people talking, music, etc, but if you are working alone in a relatively quiet environment it can be a great tool not only for dictating that email but you can also use spoken commands to direct your Mac to take action.

    Setting up Enhanced Dictation

    * Open System Preferences, then click on Dictation & Speech. Turn on Dictation and set up your options.

    * Click *Use Enhanced Dictation*. This will download a 1.2GB file so that you can dictate without internet connection.

    * Choose your language and dialect. Some languages, such as English, have multiple dialects.

    * Choose the keyboard shortcut you will use to signal that you’re ready to start dictating. The default is pressing the function Fn key twice, which I find convenient but you can customize it.

    * Choose your preferred microphone from the pop-up menu below the microphone icon. Normally, you use the internal microphone but if you are using a headset or external microphone you can choose that.

    Using Dictation

    * Go to a document or other text field and place the insertion point where you want your dictated text to appear.

    * Press the keyboard shortcut for starting dictation. The default shortcut is Fn Fn (press the Fn key twice). Or choose Edit > Start Dictation. When your Mac is listening, it displays a microphone with an input meter that rises and falls as you speak.

    * Speak the words that you want your Mac to type. Use dictation commands to add punctuation, formatting, and more.

    * To stop dictating, click Done below the microphone icon, or press Fn, or switch to another window.

    The more you use Dictation, the better it understands you. Dictation learns the characteristics of your voice and adapts to your accent.

    I will go into some of the more enhanced features like Dictation Commands in next week’s Kibbles & Bytes but I can tell Dora to Open an App, select text, move up or down and much more. I think you will like dictation on the Mac, give it a try!