Learn to Identify and Eliminate Phishing Notifications

ByEmily Dolloff

Email may be the most common form of phishing, but it’s not the only one. Modern Web browsers support a technology that enables websites to display system-level notifications just like regular apps. These push notifications have good uses, such as letting frequently updated websites inform users of new headlines, changed discussion threads, and more.

Unfortunately, push notifications can be subverted for malicious purposes, notably phishing. Here’s what happens. You visit a website that asks you if you’d like to receive notifications.

That request may be introduced with language that implies you must agree in order to get desired content, or it may be a bald-faced request to show notifications. If you agree, the website will be able to display alarming or deceptive phishing notifications even when it’s not open.

The goal is to trick you into clicking the notification, which will load a fake site that attempts to get you to enter login credentials or credit card information to facilitate identity theft.

The danger of phishing notifications is that they come from the system, so they may seem more legitimate than email messages trying to sucker you into revealing personal information. Nevertheless, as you can see in the examples above, they may still look sketchy in ways reminiscent of phishing emails:

  • No legitimate website would use emoji or symbols in a notification, much less multiple ones.
  • Although there are no glaring spelling or grammar mistakes, the use of all caps in the top notification is a giveaway. Similarly, standard notifications wouldn’t use exclamation points.
  • The use of “Click here” is poor information design that’s unlikely to come from a professional programmer or Web designer.

Phishing notifications, although problematic, aren’t a malware infection, and anti-malware packages won’t detect or remove them. Luckily, they’re easy to control and block in Safari and other Web browsers.

Prevent Phishing Notifications

The easy way to ensure you don’t see phishing notifications is to allow only trusted websites to send notifications. In general, we recommend keeping that list small so you’re not frequently interrupted by unnecessary notifications.

If you’re unsure that you’ll be able to identify malicious websites, you can enable a browser setting that prohibits all websites from asking for permission to send notifications. In Safari, choose Safari > Settings > Websites > Notifications, and deselect “Allow websites to ask for permission to send notifications” at the bottom.

Other browsers have similar options, and most will look like Google Chrome, as shown below:

  • Arc: Choose Arc > Settings > General > Notifications and select “Don’t allow sites to send notifications.”
  • Brave: Navigate to Brave > Settings > Privacy and Security > Site and Shield Settings > Notifications and select “Don’t allow sites to send notifications.”
  • Firefox: Go to Firefox > Settings > Privacy & Security > Notifications and select “Block new requests asking to allow notifications.”
  • Google Chrome: Navigate to Chrome > Settings > Privacy and Security > Site Settings > Notifications and select “Don’t allow sites to send notifications.”
  • Microsoft Edge: Choose Microsoft Edge > Settings > Cookies and Site Permissions > Notifications and turn off “Ask before sending.”

Browsers based on Chrome (everything except Firefox in the list above) offer a “Use quieter messaging” option that replaces the permission dialog with a bell icon next to the site name in the address bar—click it to allow notifications from that site.

Eliminating Phishing Notifications

Now you know how to prevent new sites from requesting permission to display notifications. What about sites that already have permission? It’s easy to block them in Safari’s Notifications settings screen. If you have any undesirable sites with Allow in the pop-up menu to the right of their name in the Notifications screen, choose Deny from that menu. You could remove the site instead, but that would allow it to ask for permission again.

Firefox’s interface is similar to Safari’s, but Chrome-based browsers have a different interface that separates the blocked and allowed sites. To block a website whose notifications you no longer want to receive, click the button to the right and choose Block. Again, you could remove undesirable sites if you prefer, but remember that if your notification settings ever change, doing so could allow the site to ask for permission once more.

Ultimately, it’s easy to avoid phishing notifications by paying attention as you browse the Web. Steer clear of websites that make an unexpected request to display notifications. Notifications aren’t necessary on hardly any websites, so there’s no harm in denying such requests unless you’re sure they’re legitimate.

(Featured image based on an original by iStock.com/tadamichi)

Social Media: Did you know that a phishing website can send you a notification right on your Mac? Learn how this could happen and how to prevent it in your favorite Web browser.

Similar Posts

  • Watch Out for Modern Tech Support Scams

    Although Apple’s products and services generally live up to Steve Jobs’s phrase “it just works,” problems do occur, opening the door to scams…

  • _Dear Friends,_

    I am off to Daytona for the 75th Bike Week. We went out to the 75th anniversary of the Sturgis Bike Week so it is only appropriate for us to hit the one sort of in our neighborhood, too. We will be riding on our 2003 Victory motorcycles and trying to avoid any big roads.

    Sugaring season in Vermont is well underway and this time of the year in Vermont always reminds me when we used to sugar the old-fashioned way. Now it is mostly pipelines and big sugaring operations but back when we lived in North Wolcott, Vermont I had a big work horse. The horse was kind of untrained but hitching her to the sled with the big heavy sap gathering tank made her behave. We would tap the trees by hand, hang buckets and as the sap began to flow we would tramp through the deep snow to empty the buckets into the tank. One horsepower was a lot of power as the horse would make her way through the sugar maples and the tank got full. We would take it to our makeshift sugaring arch and boil the sap into yummy syrup. Some of the best times! I still prefer the “grade b” syrup over fancy grade.

    This week’s Kibbles & Bytes exclusive brings back the “**Chill Pill six-pack special.**”:http://www.smalldog.com/wag900002006/ These little portable speakers have been around for a long time and I need to reduce our inventory. So, you can get 2 Black, 2 Red and 2 White Chill Pill speakers for only $29 this week. They make great gifts and are great for camping or just hanging out in the yard. Normally, they are $9.99 each but this week 6 for “**$29!**”:http://www.smalldog.com/wag900002006/

  • _Dear Friends,_

    Don’s making the voyage home this week from Key West back to the Green Mountains. He’s in for a bit of a shock when he gets back. Mother Nature seems to have gotten a bit confused this week. I mentioned in the fall that I was taking a new stance on winter and was going to embrace it this year and I truly did my best though we didn’t see much snow. But when we get a snow in late April, I choose to just ignore it. I didn’t bother to shovel off my deck and I left the hose to water my horses just thrown on the ground. In the end both these decisions only made my life harder. I had to lug water buckets for my horses as my hose was not only frozen to the ground, but frozen itself because I didn’t take the time to drain the water out of it. All the slush and snow I ignored on my deck was a sprained ankle waiting to happen and my screen door only opened halfway once everything froze back up. Well, let’s just hope this was finally the last of it and spring will finally show up for real. It always looks a little funny when the trees are starting to bud and there is still snow on the ground.

    The snow this week was a bit of a shock to many of us, and so was the latest financial report from Apple. For the first time in 13 years, Apple’s financial report showed lower than expected sales figures. iPhone sales showed their first decline since their release and iPad sales have been sluggish for several quarters now, but we’ll have more on this later in Kibbles.

    This week’s Kibbles & Bytes exclusive is perfect for the on-the-run Mom on your list or anyone who is on the go and trying to fit time in for themselves between home and the office. This week only, save $40 on this perfect on-the-run bundle. Get the OutDoor Tech Kodiak mini, the BlueAnt Pump Mini headphones and the Belkin Slim-Fit Plus armband for “**$99.97**.”:http://www.smalldog.com/wag900002212 This bundle is perfect for ensuring the mom who does it all can keep can keep her phone going to capture those special moments or squeeze in an important call during her workout.

  • Back up for the Holidays

    The Holidays are here and I am sure many of your are busy making memories, thinking about others and capturing as many picture-perfect moments that you can. While you’re busy bustling around, are you taking the time to think about these memories? What would happen if you couldn’t go back and look up those moments? Perhaps now is the time to think about a gift for yourself and taking the time to ensure that all of the perfect moments you are capturing on video and in pictures are being safely stored on your computer.

    I know we talk about this all the time, but it’s surprising how many of us out there keep putting this important step of backing up to the side! The Holidays are the time with some of the best memories, and so many of us are capturing once in a lifetime moments. The last thing anyone wants is to have something happen to those photos. There are so many options for backing up your computer and your important files it can be a little overwhelming. There is iCloud, cloud-based storage solutions from countless companies, traditional external hard drives for back up and more! My preferred backup solutions are a combination of cloud backup and physical hard drives. It might seem a little redundant, but better to be safe than sorry when it comes to important documents and memories.

    For me, iCloud and an external hard drive are my preferred options for backing up. I use my iCloud account to keep my daily life in order, contacts and calendars most importantly. I also use iCloud for storing some of my most important memories and files, select baby photos of my kids and some important documents. The kind of things that should the worst case happen and I lost my computer or drives due to theft or fire I still have copies in the cloud. My preference for my backups is using Time Machine and my “**Seagate**”:http://www.smalldog.com/product/85305/seagate-backup-plus-slim-portable-drive-usb-3-0-2tb-blue hard drives. I keep a different drive for each of my computers and perform fairly regular backups, I am not perfect, so sometimes they are not as regular as I would like. But utilizing these drives allows me to ensure that I have entire backups of my files and data readily available. Before I started to use iCloud I would also have back ups drives of my Time Machine back up, yes, I was and am that paranoid about loosing photos of my kids. I still have a small 20gb drive that contains my oldest daughter’s first year of photos, even though I know all the photos are on my computer and backed up I still won’t delete that drive.

    In the last year we have seen a rise in alternative cloud storage and mobile storage solutions. Many companies like “*Seagate*”:http://www.smalldog.com/category/?mmfg%5B0%5D=Seagate and “*LaCie*”:http://www.smalldog.com/category/?mmfg%5B0%5D=LaCie have portable drives that allow users to access information wirelessly while on the go. This is a great solution for families with large media libraries for movies. The “**Lacie Fuel**”:http://www.smalldog.com/product/85520/lacie-fuel-wireless-battery-powered-mobile-hd-wifi-usb-3-0-1tb is great for just this. Have a long road trip? Load up the drive and the family can access the files from their iPhones or iPads quickly and easily without taking up storage on their devices. Another and perhaps more practical solution is the “**Seagate Personal Cloud**”:http://www.smalldog.com/wag900002041/mac-the-halls-save-20-on-seagate-personal-cloud-home-media-storage-3tb. This drive allows you to back up everything on your computer and access it from anywhere! No need to carry that back up drive along with you, and with tons of storage options little worry about not having enough space. So this holiday season remember, backing up is just as important as capturing those memories.