Kaspersky analysis of threats prevented Egypt, United Arab Emirates, Kuwait, Saudi Arabia, Bahrain,Jordan and Oman in May 2020 has demonstrated that in just a month 131,764 users in these countries were subjected to the unwanted push notification appearance. All in all, such notifications were prevented from appearing 971,153 times.
Example of notification misleading the user with a link to a sign-up website
Unwanted notifications cannot be classified as malware and are technically described as potentially unwanted objects. While originally they were meant as a tool for rapid information of users on breaking news, today they can be exploited to target shell websites visitors, filling their devices with unsolicited ads and sometimes links to potentially dangerous websites. To achieve that, users are hoaxed into subscribing to notifications, for example, by passing subscription consent off as some other action. The victim ends up subscribed to ad deliveries, while at the same time quite unable to get rid of the annoying messages, being unaware of their source or origin.
Egypt has become the most targeted country with 34,654 users facing unwanted push notifications with 302,963 cases. It is followed by UAE with 26,028 affected browsers and 185,695 pop-ups and Kuwait with 5,451 and 41,712 devices and detected pushes accordingly. Users with such issues were also detected in Saudi Arabia with 43,304 targeted users facing 290,130 pop-ups. In addition, similar cases were noticed in Bahrain (2,604 attacked users), Jordan (7,089) and Oman (7,118).
Kaspersky security expert Artemy Ovchinnikov has commented on the situation, assuring users that a frightening number of users overwhelmed with push notifications spam is a part of global trend: “We see a continuous increase of a role of programs in a “grey zone” which cannot be classified as a malware, yet cause lots of disturbance and cause difficulties when working on a spammed laptop. Since their beginning in 2015, unwanted push notifications have been detected more and more often and now we see tens of thousands of them in some countries. The threat is relatively new. But good news is, it is easy to get rid of – users do not need specific coding skills to turn them off by themselves by accessing browser settings, or installing a simple security solution on their device”
To avoid receiving annoying notifications or scam ads, users can follow a few simple recommendations:
- Where possible, block all subscription offers, unless they come from popular and trusted websites. Remain vigilant to ensure you are not redirected to a fake website.
- If you’re unable to avoid an unwanted subscription, block it in the browser settings.
- Start using a reliable security solution, like Kaspersky Total Security, that blocks ad and scam push subscription offers in browsers, can delete subscriptions that have already been approved, and has an anti-phishing feature.