Connected or Compromised? How to Stay Secure While Using Push Notifications

By and on Nov 06, 2018

You’re probably familiar with push notifications – messages sent by app publishers that pop up on your desktop or mobile device. Browser push notifications are messages from websites that users have granted permission to serve them the latest news without having to open the actual website. While push notifications are a handy way to stay current with social media and the latest news from your favorite apps, the researchers here at McAfee have observed that these notifications have some compromising features, which impact both Chrome and Firefox browsers.

It turns out there are some real cybersecurity risks involved with taking advantage of the convenience of browser push notifications. That’s because to show push notifications, website owners must utilize pop-up ads that first request permission to show notifications. Essentially, users are tricked into thinking that the request is coming from the host site instead of the pop-up. This feature is currently being exploited by adware companies, which are using it to load unwanted advertisements onto users’ screens. Often times, these ads contain offensive or inappropriate material and users can even be exposed to irritating pop-ups that could potentially lead to viruses and malware.

So, how can users enjoy the convenience of push notifications without putting themselves at risk of a cyberattack? Check out the following tips:

  • Follow Google Chrome’s instructions on how to allow or block notifications. Check out this step-by-step guide to customize which sites you receive push notifications from and which ones you don’t.
  • Customize your Firefox notification options. You can check the status of which sites you have given permission to send notifications your way and choose whether to have the browser always ask for permission, allow or block notifications.
  • Use parental controls.No one wants inappropriate ads, especially parents of young children. To prevent exposing your kids to the inappropriate adverts that could result from push notifications, implement parental controls on your desktop. This additional filtering could prevent your child from accidentally clicking on malicious content that could infect your device.
  • When in doubt, block it out. If you come across a push notification pop-up from a suspicious-looking website or unfamiliar app, click on the ‘Block’ option to stay on the safe side.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow me and @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

About the Author

Gary Davis

Gary Davis was previously McAfee's Consumer Security Evangelist providing security education and advice to businesses and consumers. He is a sought-after speaker on trends in digital security, appearing at conferences and events, as well as security and consumer lifestyle broadcast outlets and publications such as ABC, NBC, FOX, the Wall Street Journal, USA Today, Money ...

Read more posts from Gary Davis

Oliver Devane

Oliver Devane is currently a Senior Security Researcher at McAfee. He is based in the UK office and has over 10 years of experience analyzing Malware and Potentially Unwanted Programs.

Read more posts from Oliver Devane

Subscribe to McAfee Securing Tomorrow Blogs