31 Jul

Be careful of “Allow Website” Notification!

What is Allow Website Notifications?

“Allow Website Notifications” is a spam promotion method that has recently become popular amongst cyber criminals. It is a simple method used to promote various malicious sites. Research shows that users typically encounter “Allow Website Notifications” when they have potentially unwanted adware-type programs (PUPs) installed on their computers. In some cases, these pop-ups occur after clicking intrusive advertisements displayed by malicious sites.

Allow Website Notifications scam

In the past, most spam was distributed using emails, however, email providers have become efficient in dealing with the problem and so this method is consequently less effective. Therefore, criminals search for new methods to proliferate spam, including “Allow Website Notifications”. In general, the “Allow Website Notifications” option is legitimate and allows web developers to notify users when new content is posted, however, criminals misuse this facility to promote malicious websites. When users open a website with “Allow Website Notifications”, they are prompted with a pop-up asking for permission to display notifications. If users agree, their choices are saved in browser options and criminals are then able to continually feed them with unwanted ads. In this way, users are redirected to sites that contain malicious content, thus leading to system infection. Some sites ask to enable notifications, otherwise content will not be displayed. When the user declines, the pop-up simply re-appears until the website is closed. These claims to display content are merely attempts to trick users into clicking “Allow” – after doing so, users receive nothing. Fortunately, removing permission to display notifications is simple – follow the instructions below.

Adware-type applications typically do two things: 1) display intrusive advertisements, and; 2) gather sensitive information. To display ads (coupons, banners, pop-ups, and so on), adware employs various tools that enable placement of third party graphical content on any site. Therefore, displayed ads often conceal underlying website content, thereby diminishing the browsing experience. Furthermore, intrusive ads can lead to malicious websites and even run scripts that download/install malware (or other PUPs). Even a single click can result in high-risk computer infections. Another important issue is information tracking. Potentially unwanted programs gather various information (e.g., geo-locations, IP addresses, keystrokes, URLs visited, pages viewed, queries entered into search engines, and so on) that might contain personal details. This information is shared with third parties (potentially, cyber criminals) who generate revenue by misusing private information. Therefore, the presence of data-tracking apps might lead to serious privacy issues or even identity theft. You are strongly advised to remove all adware-type applications immediately.

There are hundreds of adware-type applications, all of which are virtually identical (e.g., PokkiUpdate CheckerCurrent Me, etc.) By offering a wide range of “useful functions”, potentially unwanted programs attempt to give the impression of legitimacy and trick users to install, however, all adware is designed only to generate revenue for the developers. This rogue software merely gathers sensitive information and delivers intrusive advertisements, thereby posing a direct threat to your privacy and Internet browsing safety.

How did potentially unwanted programs install on my computer?

Although some PUPs have official download/promotion websites, most infiltrate systems without permission, since adware is typically distributed using intrusive advertising and “bundling” methods. “Bundling” is essentially stealth installation of third party software with regular apps. PUP developers do not disclose these installations properly – they hide “bundled” apps within various sections (e.g., “Custom/Advanced” settings) of the download or installation processes. Furthermore, many users click intrusive advertisements and skip download/installation steps. In doing so, they expose their systems to risk of various infections and compromise their privacy.

How to avoid installation of potentially unwanted applications?

To prevent system infiltration by PUPs, be very cautious when browsing the Internet and downloading/installing software. Bear in mind that intrusive advertisements typically seem legitimate, but redirect to dubious websites (e.g., pornography, adult dating, gambling, and so on). If you experience these redirects, immediately remove all suspicious applications and browser plug-ins. Carefully analyze each step of the download/installation processes and decline offers to download/install additional applications. We recommend that you download your programs from official sources only, using direct download links, since developers monetize third party downloaders/installers by promoting PUPs. The key to computer safety is caution.

How to remove/disable notifications in web browsers:

Google Chrome (PC):

  • Click the Menu button (three dots) on the right upper corner of the screen
  • Select “Settings“, scroll down to the bottom and click “Advanced
  • Scroll down to the “Privacy and security” section, select “Content settings” and then “Notifications
  • Click three dots on the right hand side of each suspicious URL and click “Block” or “Remove” (if you click “Remove” and visit the malicious site once more, it will ask to enable notifications again)

Mozilla Firefox:

  • Click the Menu button (three bars) on the right upper corner of the screen
  • Select “Options” and click on “Privacy & Security” in the toolbar on the left hand side of the screen
  • Scroll down to the “Permissions” section and click the “Settings” button next to “Notifications
  • In the opened window, locate all suspicious URLs, click the drop-down menu and select “Block

Internet Explorer:

  • Click the Gear button on the right upper corner of the IE window
  • Select “Internet options
  • Select the “Privacy” tab and click “Settings” under “Pop-up Blocker” section
  • Select suspicious URLs under and remove them one by one by clicking the “Remove” button

Microsoft Edge:

  • Click the menu button (three dots) on the right upper corner of the Edge window
  • Scroll down, find and click “Settings
  • Scroll down again and click “View advanced settings
  • Click “Manage” under “Notifications
  • Click the switch under each suspicious website

Safari:

  • Click “Safari” button on the bottom of the screen and select “Preferences…
  • Select the “Websites” tab and then select “Notifications” section on the left pane
  • Check for suspicious URLs and apply the “Deny” option for each

Instant automatic removal of Allow Website Notifications virus:Manual threat removal might be a lengthy and complicated process that requires advanced computer skills.

Summary:

declining installation of adware while downloading free software sample

Commonly, adware or potentially unwanted applications infiltrate Internet browsers through free software downloads. Note that the safest source for downloading free software is via developers’ websites only. To avoid installation of adware, be very attentive when downloading and installing free software. When installing previously-downloaded free programs, choose the custom or advancedinstallation options – this step will reveal any potentially unwanted applications listed for installation together with your chosen free program.

30 Apr

What is Phishing?

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.

The information is then used to access important accounts and can result in identity theft and financial loss.

The first phishing lawsuit was filed in 2004 against a Californian teenager who created the imitation of the website “America Online”. With this fake website, he was able to gain sensitive information from users and access the credit card details to withdraw money from their accounts. Other than email and website phishing, there’s also ‘vishing’ (voice phishing), ‘smishing’ (SMS Phishing) and several other phishing techniques cybercriminals are constantly coming up with.

 

Common Features of Phishing Emails

  1. Too Good To Be True  Lucrative offers and eye-catching or attention-grabbing statements are designed to attract people’s attention immediately. For instance, many claim that you have won an iPhone, a lottery, or some other lavish prize. Just don’t click on any suspicious emails. Remember that if it seems to good to be true, it probably is!
  2. Sense of Urgency – A favorite tactic amongst cybercriminals is to ask you to act fast because the super deals are only for a limited time. Some of them will even tell you that you have only a few minutes to respond. When you come across these kinds of emails, it’s best to just ignore them. Sometimes, they will tell you that your account will be suspended unless you update your personal details immediately. Most reliable organizations give ample time before they terminate an account and they never ask patrons to update personal details over the Internet. When in doubt, visit the source directly rather than clicking a link in an email.
  3. Hyperlinks – A link may not be all it appears to be. Hovering over a link shows you the actual URL where you will be directed upon clicking on it. It could be completely different or it could be a popular website with a misspelling, for instance www.bankofarnerica.com – the ‘m’ is actually an ‘r’ and an ‘n’, so look carefully.
  4. Attachments – If you see an attachment in an email you weren’t expecting or that doesn’t make sense, don’t open it! They often contain payloads like ransomware or other viruses. The only file type that is always safe to click on is a .txt file.
  5. Unusual Sender  Whether it looks like it’s from someone you don’t know or someone you do know, if anything seems out of the ordinary, unexpected, out of character or just suspicious in general don’t click on it!

 

Here is a great KnowBe4 resource that outlines 22 social engineering red flags commonly seen in phishing emails. We recommend printing out this PDF to pass along to family, friends, and coworkers.

22 Social Engineering Red Flags

Click To View Larger

Prevent Phishing Attacks:

Though hackers are constantly coming up with new techniques, there are some things that  you can do to protect yourself and your organization:

  • To protect against spam mails, spam filters can be used. Generally, the filters assess the origin of the message, the software used to send the message, and the appearance of the message to determine if it’s spam. Occasionally, spam filters may even block emails from legitimate sources, so it isn’t always 100% accurate.
  • The browser settings should be changed to prevent fraudulent websites from opening. Browsers keep a list of fake websites and when you try to access the website, the address is blocked or an alert message is shown. The settings of the browser should only allow reliable websites to open up.
  • Many websites require users to enter login information while the user image is displayed. This type of system may be open to security attacks. One way to ensure security is to change passwords on a regular basis, and never use the same password for multiple accounts. It’s also a good idea for websites to use a CAPTCHAsystem for added security.
  • Banks and financial organizations use monitoring systems to prevent phishing. Individuals can report phishing to industry groups where legal actions can be taken against these fraudulent websites. Organizations should provide security awareness training to employees to recognize the risks.
  • Changes in browsing habits are required to prevent phishing. If verification is required, always contact the company personally before entering any details online.
  • If there is a link in an email, hover over the URL first. Secure websites with a valid Secure Socket Layer (SSL) certificate begin with “https”. Eventually all sites will be required to have a valid SSL.

 

Generally, emails sent by a cybercriminals are masked so they appear to be sent by a business whose services are used by the recipient. A bank will not ask for personal information via email or suspend your account if you do not update your personal details within a certain period of time. Most banks and financial institutions also usually provide an account number or other personal details within the email, which ensures it’s coming from a reliable source.