{"id":23431,"date":"2023-11-21T15:10:05","date_gmt":"2023-11-21T23:10:05","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2023\/11\/21\/news-17161\/"},"modified":"2023-11-21T15:10:05","modified_gmt":"2023-11-21T23:10:05","slug":"news-17161","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2023\/11\/21\/news-17161\/","title":{"rendered":"How to stop fake System notifications on macOS"},"content":{"rendered":"\n<p>Scammers are abusing an Apple feature that allows websites to create push notifications that look like they&#8217;re coming from macOS, or apps. The  notifications try to scare users into clicking a link with fake virus alerts or messages saying their account has been hacked.<\/p>\n<p>Years ago we warned our readers about the introduction of browser push notifications because we felt they were a <a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2019\/01\/browser-push-notifications-feature-asking-abused\">feature waiting to be abused<\/a>. At the time we focused on Windows users, but recently we are seeing examples of macOS users being plagued by this pest.<\/p>\n<figure class=\"wp-block-image aligncenter size-full\"><img decoding=\"async\" loading=\"lazy\" width=\"354\" height=\"65\" src=\"https:\/\/www.malwarebytes.com\/wp-content\/uploads\/sites\/2\/2023\/11\/Afbeelding1.png\" alt=\"Gmail alert: Account has been.. Your data may be stolen. Fake alert by unnamed website\" class=\"wp-image-98020\" \/><\/figure>\n<figure class=\"wp-block-image aligncenter size-full\"><img decoding=\"async\" loading=\"lazy\" width=\"358\" height=\"71\" src=\"https:\/\/www.malwarebytes.com\/wp-content\/uploads\/sites\/2\/2023\/11\/Afbeelding2.png\" alt=\"Your iCloud has been hacked notification by &quot;ASK YOU&quot;\" class=\"wp-image-98021\" \/><\/figure>\n<p>As Apple proudly <a href=\"https:\/\/developer.apple.com\/notifications\/safari-push-notifications\/\">announced<\/a>:<\/p>\n<blockquote class=\"wp-block-quote\">\n<p>Use the Apple Push Notifications Service to send notifications to your website users, right on their Mac desktop \u2014 even when Safari isn\u2019t running. Safari Push Notifications work just like push notifications for apps. They display your website icon and notification text, which users can click to go right to your website.<\/p>\n<\/blockquote>\n<p>Do you see the problems?<\/p>\n<ul>\n<li>&#8220;Even when Safari isn&#8217;t running.&#8221; So how are users supposed to know where the notifications are coming from?<\/li>\n<li>&#8220;Work just like push notifications for apps.&#8221; My point exactly. How can we distinguish them from actual system notifications?<\/li>\n<li>&#8220;They display your website icon.&#8221; Website icons are controlled by the website owner, so they can used the system settings icon for their website, making their notifications look like system notifications.<\/li>\n<\/ul>\n<figure class=\"wp-block-image aligncenter size-full\"><img decoding=\"async\" loading=\"lazy\" width=\"714\" height=\"378\" src=\"https:\/\/www.malwarebytes.com\/wp-content\/uploads\/sites\/2\/2023\/11\/Afbeelding3.png\" alt=\"The Websites section in Safari settings shows a website that uses the macOS System Settings icon\" class=\"wp-image-98022\" \/><figcaption class=\"wp-element-caption\">The Websites section in Safari settings shows a website that uses the macOS System Settings icon<\/figcaption><\/figure>\n<p>These settings can appear in Safari Settings or System Settings, and you can remove them by following the instructions below.<\/p>\n<h2 class=\"wp-block-heading\" id=\"h-application-notifications\">Application Notifications<\/h2>\n<p>Open your Apple <strong>System Settings<\/strong> and then select the <strong>Notifications<\/strong> tab along the left.<\/p>\n<p>Scroll down the list under <strong>Application Notifications<\/strong> and look for any websites that have permission to send you notifications. The entry may have a name designed to mislead you, such as &#8220;ask you&#8221; or &#8220;Notifications&#8221;.<\/p>\n<p>Under each item you will be able to see what type of notification permissions it has. To stop these, just click on the entry and turn off the slider at the top which will disable notifications for this item. <\/p>\n<figure class=\"wp-block-image aligncenter size-large\"><img decoding=\"async\" loading=\"lazy\" width=\"1226\" height=\"535\" src=\"https:\/\/www.malwarebytes.com\/wp-content\/uploads\/sites\/2\/2023\/11\/Afbeelding5.png?w=1024\" alt=\"Applications notifications section with &quot;ask you&quot; highlighted \" class=\"wp-image-98025\" \/><figcaption class=\"wp-element-caption\">A website listed under Application Notifications with a misleading name and icon<\/figcaption><\/figure>\n<h2 class=\"wp-block-heading\" id=\"h-safari-settings\">Safari Settings<\/h2>\n<p>In the Safari app\u00a0on your Mac, choose <strong>Safari<\/strong>\u00a0and click <strong>Settings<\/strong>. Click <strong>Websites<\/strong>, then click <strong>Notifications<\/strong>.<\/p>\n<p>Scroll through the list of websites and look for websites that don&#8217;t want to receive notifications from. Anything that shows <strong>Allow<\/strong> can send you messages, so switch them to <strong>Deny<\/strong> if you do not want to see their messages.<\/p>\n<hr class=\"wp-block-separator has-text-color has-cyan-bluish-gray-color has-alpha-channel-opacity has-cyan-bluish-gray-background-color has-background is-style-wide\" \/>\n<p><strong>We don\u2019t just report on threats\u2014we remove them<\/strong><\/p>\n<p>Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by&nbsp;<a href=\"https:\/\/www.malwarebytes.com\/for-home\">downloading Malwarebytes today<\/a>.<\/p>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/11\/how-to-stop-fake-system-notifications-on-macos\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p> Browser push notifications are becoming a problem on macOS. Learn how to remove them. <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[2211,30529,10403,32,12351,20991],"class_list":["post-23431","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-apple","tag-ask-you","tag-macos","tag-news","tag-notifications","tag-push-notifications"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23431","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=23431"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23431\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=23431"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=23431"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=23431"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}