Another Phishing Attack Angle


Hackers have found ways to add notification code behind the website code.  Thus if you say Allow in the notification window:

then eventually a ‘bad’ notification comes up:

Here is an example of ‘bad’ or hacker initiated notifications:


Here is where had the story and the investigation by cybernews showed the details of the attack:

“That can be a simple and efficient delivery method for malware. The unique part is that it is embedded to the user profile that is connected to the browser. That means that if the user logs in with his private user to the browser in his workstation, he will download this malicious notification directly into his working network without realizing it,” Koren warns.

As mentioned in the article once the wrong “allow” button is clicked then the bad malicious code is in the system and the beginning of a set of events that could cause you to ransomware hell.

Everything one installs or allows on your system can be used against you – so you better be sure of what you are doing. If in doubt deny or block is a better bet than allow.

Deny first, investigate and only if all checks out then allow.

We have to get used to denying first everything that we see on our computers.

Contact us to discuss.