Business
Focused
Technology

[HEADS UP] Allowing Site Notifications Can be Very Costly

Krebs on Security reported that there have been an increasing number of websites asking visitors to approve ‘notifications’. In most cases these notifications are not malicious, but several firms are paying site owners to install notification scripts to sell to scammers.

Normally, a website will ask permission to send notifications (as long as you approve the request), which results in messages that pop up outside of your browser. Krebs lists an example, “Microsoft Windows systems they typically show up in the bottom right corner of the screen — just above the system clock. These so-called “push notifications” rely on an Internet standard designed to work similarly across different operating systems and web browsers.”

Unfortunately many users do not know what they are signing up for to when notification are approved. It’s also nearly impossible for a user to tell the difference between a notification sent by a website or one that is made to appear by another program that could be using this information against you.  

For reference, here is what a general pop up looks like: 

It’s important to teach your users to be suspicious of any activity on their workstations, including allowing websites to show notifications. New-school security awareness training can ensure your users know how to stay alert and apply best practices in their day to day tasks. 

Krebs has the full story


SOURCE: KnowBe4.com

Partner, Law Firm

We hired IT360 as our computer hardware and software computer consultants when the company first went into business. Since then, they have helped us purchase new software and hardware equipment that we have instituted into the law firm. Any time we needed them to be there they have been. They have solved all of our problems including: stand alone computers, networking issues, Internet access issues, and software. I would highly recommend IT360 to anybody who needs help in these areas.

Partner, Law Firm

Recent
Technology News

IT 360 News
Threats and Infrastructure

From Arctic Wolf SUMMARY On February 7, 2024, CISA issued an advisory detailing their discoveries concerning state-sponsored cyber actors linked to the People’s Republic of China (PRC). Notably, the PRC-affiliated threat actor, Volt Typhoon, is actively engaged in efforts to infiltrate IT networks, with the potential aim of launching cyberattacks on vital U.S. infrastructure in […]

Read more
IT 360 News
Multi-Factor Authentication

By Cybersecurity & Infrastructure Security Agency OVERVIEW Multi-factor authentication (MFA) is a layered approach to securing physical and logical access where a system requires a user to present a combination of two or more different authenticators to verify a user’s identity for login. MFA increases security because even if one authenticator becomes compromised, unauthorized users […]

Read more