Notifications in your browser can be a handy thing in moderation. They allow you to get updates from websites you follow. However, as with a lot of things, they can be abused. The result is, at best, annoying and, at worst, a security risk. It is now a common tactic for bad actors to spam you with browser notifications in an attempt to get you to fall into their trap. These spam notifications try to lure you in by enticing you or scaring you.

So, what exactly are these, and how did they become enabled on your computer?

The above image is of a genuine pop-up notification. It requests that you enable McAfee WebAdvisor’s Secure Search, which further enhances the security of your online browsing. Therefore, it is okay to accept this request. However, many people experience fake pop-up notifications such as the ones below:

When visiting specific websites, you might also encounter fake pop-ups that imitate McAfee pop-ups. As previously said, these pop-ups are not push notifications. They are simple pop-ups that appear when you visit the website. These are fake messages that claim to be from McAfee in an effort to persuade you to select one of their options. An example looks like this:

NOTE: Your PC’s security may be jeopardized if you choose to respond to a phony pop-up or alert. So, it’s best to read alert messages or pop-up windows carefully. But how can you tell the difference between a fake pop-up/notification, or a real one?

How to Identify a Bogus Pop-Up or Notification

It can be difficult to determine whether a warning is authentic because cybercriminals are skilled enough to manufacture their pop-ups in ways that appear truly genuine. However, the following are some tips to assist you in identifying these phony pop-ups:

Look for detailed information (or lack thereof): Before clicking any of the choices, carefully review the information displayed by the pop-up. Is it authentic, or are the selections displayed unusual? For example, consider the following image:

Source

No language describing why the pop-up emerged is present in the pop-up above – indicating this is a fake. Contrast that with the real McAfee pop-up that appears at the start of this post, which has a far more thorough and detailed description.

Look for unprofessional language: Look to see if the message contains any spelling or grammatical errors, and/or improper language. Some cybercriminals create their phony pop-ups carelessly. In these circumstances, the pop-up may have poorly written information that make it simpler to recognize it as a fake.

Pay attention to the URLs: A non-McAfee URL is a sign that the notification isn’t genuine and isn’t coming from McAfee. Communications from similar domains, such mcafee.org, are also likely to be false.

Keep in mind that McAfee often utilizes the mcafee.com name.

Ask yourself: Is McAfee software even installed on your computer? If you see a pop-up that appears to be from McAfee but you don’t have any McAfee software, it’s most likely a hoax.

Check the image quality: Do the logos or photos in the message have poor quality? A phony pop-up will usually have subpar visuals. This could include the image not being scaled correctly, the quality of the image is grainy, etc.

What Are the Causes?

These messages aren’t considered “pop-ups” in the conventional sense. These communications are online push notifications produced by websites not affiliated with McAfee or other cybersecurity programs. You’ve probably seen app push notifications on your smartphone. When you install an app, you typically ‘opt-in’ to receive the most recent app notifications on your phone. Similar to mobile push notifications, you must initially “opt-in” to receive web push alerts. Normally, you choose to receive these notifications after seeing a pop-up similar to this one in your browser. The website then sends notifications to your PC after you opt in.

It’s important to note that these messages are sent on a “system” level rather than at the browser level. The notifications may still show up even if your browser is closed because they are delivered on this system level. Additionally, notifications could show up even if your browser is not on the website where you consented to receive them.

The good news is that you can prevent these from appearing.

Solutions

 There are a few ways to turn off notifications. You can either disable them completely or disable them for certain domains by removing them from your “Allow” list. They are even accessible from your “Blocked” list.

Every browser has slightly different notifications and slightly different processes for turning them off. The steps below are for the new Microsoft Edge browser dictated by McAfee themselves. For different web browsers other than Edge, you can look here for step-by-step instructions.

  1. Open New Edge.
  2. Click the Settings and more icon () at the top right.
  3. Click Settings and then Cookies and site permissions.
  4. Scroll down to find All permissions and click Notifications.
  5. To block all notifications, turn off Ask before sending (recommended).
  6. To block notifications from a specific website:
  7. Click Add next to Block option.
  8. Type the website URL, prefixed with [*.]. For example, type [*.]mcafee.com to block all push notifications originating from the mcafee.com domain.
  9. Click Add. The website can no longer send push notifications through New Edge.

Are Any of These Notifications Valuable?

 While there may be some situations when push notifications are useful, we would not judge if you decided to turn them off entirely.

Web push notifications serve more purposes than only annoying Windows users. Users of one of the participating browsers – which include Chrome, Firefox, Opera, Edge, and Safari – may be able to see them on Android, Chromebooks, MacOS, and even Linux. In rare circumstances, push notifications might be displayed without even opening the browser.

Be cautious and consider your sanity when clicking “Allow.”

If you have any additional questions or concerns, please call 502-240-0404 or send us an email at info@mirazon.com