We’re recently seeing many new attempts to gain entry into computers, and unfortunately, many people are fooled into believing these false alerts are true.
What do I mean by this?
An alert will pop up in the lower-right corner of the screen, just above the time and date. This area is where legitimate notifications pop up (which gives us a clue as to how these false alerts are being generated). They usually look something like this:
But there’s a large variety of these that often cycle through from one to another every few seconds. Here are a few I’ve captured with snapshots:
Remember, all of these are false! They are designed to get you to click on them, so DON’T DO THAT! Some varieties have a phone number to call, so DON’T DO THAT! Some of them make everything feel more urgent by loudly playing a voice or siren noise. Don’t fall for it. If you only see a false warning, remember, it’s FALSE! You don’t necessarily have a problem with malware or a virus. Instead, this is a sneaky way to gain access to your computer to do things like access financial info, gain email access, or install other forms of malware—it’s a scam.
That’s why they need you to call the phone number or to click on the alert. If you click on them, you often grant permission (to what is so far only a false notification) to install malware or spyware or do other things. We have seen that these warnings are false, so when you click on these warnings to “Remove” malware or viruses or run antivirus, that’s not what’s going to happen. Anywhere you click will grant permission for the false notification to take another step toward controlling you or your computer, whether by convincing you to call a phone number where an “agent” will show you how to install remote access software by which they infiltrate your computer with remote access software (see below), access financial accounts, access or steal your email account, and otherwise do what criminals do.
We don’t want that to happen.
Back to the false warnings. Most of the time these warnings are classified as Notifications, which are a common and legitimate way of bringing attention to you in Windows 10 or 11. You may see that someone posted a comment on something you posted, for instance, or that you’ve received an email, or that a file backup has completed. Common stuff. This is why these Notifications aren’t flagged by active antivirus software. But these false warnings are a form of Notification that is also false.
The image above gives us a clue as to what’s going on, as alluded to previously. Here we see a false alert, but we can see within the orange rectangle this is a Notification from a web address, and that its origin is India, by the country code at the end of the link, .co.in.
So we have observed this is a web address Notification, but it’s false, and being sent from India directly to your computer. So far we have no indication of harm, and it can be easy to switch this off. The notification is coming from a specific site or source, as we can see in the snapshot above. Most of the time, this means the notification is originating from within a browser, such as Chrome or Edge. If so, here’s how we can check notifications settings and switch them off. First open either Edge or Chrome, most likely whichever you use most. In this example I’ll show Edge’s site notification settings, (since we do not allow Chrome on our computers):
If you see the India site listed here (or any other site you don’t want to send notifications) you can simply toggle notifications off for that site. That may be all you need to do!
Fine, but we haven’t discovered how the site gained this Notification privilege. How this happens is much more complicated, since multiple sources can contribute to this initial false warning problem. Sometimes it’s a false/bad/illegitimate browser extension, sometimes some other piece of malware or adware that may have been installed when installing a downloaded file. We’re still seeing new ways this happens even now. This means switching off notifications from a site may not cure the problem you’re seeing.
Contact us if you see this and are unable (or would like help) to shut off the false notifications and find the root cause and we can get it cleaned up for you.
Take this seriously, and remember, there’s no need to panic, but certainly don’t click on the false warning or call any listed phone numbers. We’ve shown why this type of notification is false, particularly if you don’t use the anti-virus brand(s) listed in the false warning.
Stay alert. Stay safe.