Malware-remover.online Pushes Known Fake Virus Scam

deceptive site browser hijacker

Our researchers discovered the malware-remover.online rogue page while inspecting suspicious websites. It operates by running scams and promoting spam browser notifications. This webpage can also redirect users to different (likely dubious or misleading) sites.

Most visitors to malware-remover.online and similar pages access them via redirects caused by websites that use rogue advertising networks.

It is noteworthy that the content encountered on and through rogue websites might differ based on the visitor's IP address/ geolocation.

At the time of research, malware-remover.online promoted a well-known fake virus warning scam. It consists of a fake system scan that finds various issues and threats on the visitor's device. Typically, the goal is to trick users into downloading or installing unreliable or even malicious software.

Malware-remover.online also requested the visitor to enable its browser notification delivery. If allowed, the webpage will start spamming the user with notifications and advertisements that endorse online scams, untrustworthy or dangerous software, and potential malware.

How Can Misleading Sites Abuse Push Notification Functionality to Spam Ads?

Misleading websites can abuse push notification functionality to spam ads by taking advantage of users' permission settings and manipulating their browsers. Here's how they typically do it:

  • Deceptive Dialog Boxes: Misleading sites often use deceptive dialog boxes that mimic legitimate browser notifications or alerts. These pop-ups are designed to confuse users and trick them into clicking the "Allow" button, granting the site permission to send push notifications.
  • Fake Content and Promises: To persuade users to click "Allow," these sites may display fake content or make false promises. For example, they might claim that users need to enable notifications to access content, view a video, or download a file.
  • Multiple Pop-Ups: Some misleading sites bombard users with multiple pop-up notifications in quick succession, making it difficult for users to decline them in time. This can lead to accidental permission grants.
  • Notification Spam Campaigns: Once users have granted permission, the misleading site can send a barrage of push notifications, often containing ads or links to affiliate marketing pages. These notifications can be intrusive and disruptive.
  • User Engagement Manipulation: Some sites use social engineering techniques to manipulate users into interacting with notifications. They might falsely claim that users have won a prize or that their system is infected, urging users to click on the notifications for further instructions.
  • Redirects: Misleading sites may also employ browser redirects to lead users to pages that trigger push notification prompts automatically. Users may be caught off guard and grant permissions unintentionally.
  • Browser Vulnerabilities: In some cases, misleading sites exploit vulnerabilities in specific browsers or browser extensions to force notifications or manipulate notification settings without the user's consent.
By Zaib
September 14, 2023
Browser Hijacker
English
September 14, 2023
Browser Hijacker

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Browser Hijacker

Online-deal.click Displays Fake Virus Warnings

During our investigation of various web pages associated with rogue advertising networks, we came across online-deal.click. Upon examination, we determined that this website operates deceptively and runs a scam... Read more

May 19, 2023
Browser Hijacker

Defendpcpro.xyz Uses Fake Virus Scares

Defendpcpro dot xyz is one of the hundreds of similar domains and websites that exist only to mislead and confuse visitors. This type of page falls into the subcategory of "fake virus warning" misleading websites.... Read more

November 11, 2022
Scam

Fullsecuritysystem.com Pushes Fake Virus Warnings

Fullsecuritysystem dot com is the name of a misleading website that is used to push fake virus warnings. When you land on Fullsecuritysystem dot cum, very likely ending up there after you clicked a rogue ad on a... Read more

June 20, 2022
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.