• 12/04/2022
  • homesmartjp
  • 1559 Views

Beware of security scam combos from "browser notification spam"!

On July 2, cybersecurity company Trend Micro issued a warning regarding "browser notification spam." This time, we will introduce browser notification spam and its countermeasures.

Browser notification spam is one of the methods to lead to online fraudulent sites by using the notification function of the web browser. Usually, many people use this function to display new articles on news sites and notifications of web services.

Cyber ​​criminals use this notification function to display "Infected with a virus", "Turn on antivirus now", etc., and direct them to fraudulent sites that sell malicious apps. You'll be surprised when you're operating your PC and the notification screen shows that you're infected with a virus.

In fact, this browser notification spam basically doesn't come out on its own. When I open the website, "●● .com is asking for the next permission" is displayed at the top of the screen, but when the user clicks "Allow" at this time, it will be displayed. increase. It is dangerous to allow it easily on a suspicious website.

Browser notification spam may ask for permission when displaying a website There is also a pattern that prompts the web page to press the permission button on the notification screen

This time, as a test, I allowed four fraudulent sites, and various types of notifications are displayed at the bottom right of the screen.

I try to deceive it with various words, but basically it is characterized by inducing "You may be infected with a virus, so please click to protect your data".

Various patterns have also been confirmed in browser notification spam. Often, you will see a notification that you may be infected with a virus.

In some cases, the support center of an existing company is displayed, or the telephone number for inquiries is displayed. When I actually call, I am connected to an overseas scammer and asked to purchase a prepaid card. Even if you open such a fraudulent site, close the tab or web browser of the page you are viewing and ignore it.

Clicking on the notification led to a fraudulent site.Ignore it and close it

「ブラウザ通知スパム」からのセキュリティ詐欺コンボにご注意!

If you allow notifications, you can block them in your web browser's settings screen. You can also turn off the notification feature itself.

If you want to turn off the notification function in Chrome, open "Notification" from "Site Settings" on the setting screen. If you do not want to use the notification function, select "Do not allow the site to send notifications". Also, if you want to turn off notifications from fraudulent sites, block them from the list of "Sites that allow communication to be sent".

You can turn off the notification feature by selecting "Do not allow the site to send notifications" Click "Delete" to revoke the notification permission, or click "Block" to block it.

For Edge, open "Notifications" from "Cookies and Site Permissions" on the settings screen. If you turn off "Confirm before sending", you will not be asked for permission to notify. Also, if you allow it on a fraudulent site, you can stop the notification by selecting "Block" or "Delete" from the "..." mark in the "Allow" list.

In the case of Edge, you can block or delete it from the "Notification" setting screen.

According to a survey by Trend Micro, cases of browser notification spam have been confirmed by browsing "underground sites".

An underground site is an abbreviation for underground site, and is an illegal pirated site that publishes illegal content such as adult sites, manga, anime, and music. The basis of self-defense is to stay away from suspicious places even on the Internet.

On top of that, if you have digital literacy about browser notification spam and security scams, you won't get caught up in this online scam. When you click on any "Allow" button, it's important to understand exactly what you're allowing.

Your parents may also be a prey to “Internet scams” ​​– aim to improve the digital literacy of older people and eradicate the damage caused by Internet scams by making them aware of the latest techniques. In this series, we will introduce examples of damage caused by online fraud based on the information sent to "DLIS (Digital Literacy Improvement Organization)". I will also explain how to deal with it.

Featured article of "Digital literacy for the elderly, learning from damage cases"

NPO corporation DLIS (Digital Literacy Improvement Organization)

It is an NPO that supports the improvement of digital literacy for the elderly. In addition to contributing to media, we provide information to facilities and groups for the elderly and give lectures. If you are interested in or would like to cooperate with us, please contact us at "support@dlis.info" and we will send you the latest information.

* The number of inquiries regarding online fraud is increasing.In the unlikely event that you are hit by an internet scam, please refer to the following article first. Reference: What to do and what not to do when you are hit by an internet scam