Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: Indian Express

New age hackers are taking advantage of the convenience of browser or app-based push notifications to inject malicious links which when clicked can contain offensive or inappropriate material which could further lead to viruses and malware.

The same was highlighted in Spam and Phishing in Q3 report which said, “Some browsers make it possible for websites to send notifications to users (for example, Push API in Chrome), and this technology has not gone unnoticed by cybercriminals.”

So how does it work?  “To show push notifications which are messages sent by app publishers that pop up on your desktop or mobile device, a McAfee researcher in a blogpost said, “Website owners must utilise pop-up ads that first request permission to show notifications. Essentially, users are tricked into thinking that the request is coming from the host site instead of the pop-up.”

For instance, the browser Chrome requests permission to enable notifications for each site. Though this is a normal request, one should be suspicious if a site states they cannot continue loading without a click on the “yes” button — and thereby forcing the user into making an affirmative action.
“Having given the site permission to display notifications, many users simply forget about it, so when a pop-up message appears on the screen, they don’t always understand where it came from,” the Spam and Phishing in Q3 report said.

The user might think that it came from a trusted source. “The user might see, for instance, a “notification” about a funds transfer, giveaway, or tasty offer. They all generally lead to phishing sites, online casinos, or sites with fake giveaways and paid subscriptions.”

The McAfee researcher suggested following Google’s guide to customising which sites to receive push notifications from. Use of parental controls was also recommended.

www.extremehacking.org

Sadik Shaikh | Cyber Suraksha Abhiyan, Ethical Hacking Training Institute, CEHv10,CHFI,ECSAv10,CAST,ENSA, CCNA, CCNA SECURITY,MCITP,RHCE,CHECKPOINT, ASA FIREWALL,VMWARE,CLOUD,ANDROID,IPHONE,NETWORKING HARDWARE,TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking,Center For Advanced Security Training in India, ceh v10 course in Pune-India, ceh certification in pune-India, ceh v10 training in Pune-India, Ethical Hacking Course in Pune-India