Kaspersky analysis of threats prevented in South Africa, Kenya, Nigeria, Namibia, Rwanda, Ethiopia, and Egypt in May 2020 has demonstrated that in just a month, 100,414 users in these countries were subjected to the unwanted push notification appearance. All in all, such notifications were prevented from appearing 727,162 times during May.
(TOP: An example of notification misleading the user with a link to a sign-up website).
Unwanted notifications can not be classified as malware and are technically described as potentially unwanted objects. While originally they were meant as a tool for rapid information of users on breaking news, today they can be exploited to target shell websites visitors, filling their devices with unsolicited ads and sometimes links to potentially dangerous websites. To achieve that, users are hoaxed into subscribing to notifications, for example, by passing subscription consent off as some other action. The victim ends up subscribed to ad deliveries, while at the same time quite unable to get rid of the annoying messages, being unaware of their source or origin.
Egypt has become the most targeted country with 34,654 targeted users and 302,963 attacks, while in South Africa 26,509 users were subjected to unwanted push notifications activity with 181,275 cases. It is followed by Kenya with 24,388 affected browsers and 158,627 pop-ups and Nigeria with 7,654 and 40,185 devices and detected pushes accordingly. In addition, users with such issues were detected in Namibia, Rwanda and Ethiopia, with 8,393; 19,883; 15,836 devices respectively.
Kaspersky security expert Artemy Ovchinnikov has commented on the situation, assuring users that a frightening number of users overwhelmed with push notifications spam is part of a global trend: “We see a continuous increase of a role of programs in a “grey zone” which can not be classified as a malware, yet cause lots of disturbance and cause difficulties when working on a spammed laptop. Since their beginning in 2015, unwanted push notifications have been detected more and more often and now we see tens of thousands of them in some countries. The threat is relatively new. But the good news is, it is easy to get rid of – users do not need specific coding skills to turn them off by themselves by accessing browser settings, or installing a simple security solution on their device.”
To avoid receiving annoying notifications or scam ads, users can follow a few simple recommendations:
- Where possible, block all subscription offers, unless they come from popular and trusted websites. Remain vigilant to ensure you are not redirected to a fake website.
- If you’re unable to avoid an unwanted subscription, block it in the browser settings.
- Start using a reliable security solution, like Kaspersky Security Cloud, that blocks ad and scam push subscription offers in browsers, can delete subscriptions that have already been approved, and has an anti-phishing feature.