Rujba.co.in Runs Old "Chrome Security Check" Hoax

During our examination of suspicious web pages, our researchers came across the rujba.co.in website. Upon investigation, we determined that rujba.co.in engages in browser notification spamming and directs visitors to other webpages, which are likely to be suspicious or malicious in nature.

Visitors typically access rujba.co.in and similar websites through redirects initiated by sites employing illegitimate advertising networks.

It is important to note that the content displayed on rogue websites may vary depending on the visitor's geographical location, as determined by their IP address. During our analysis of rujba.co.in, we encountered a fraudulent verification test prompting users to click "Allow" to proceed, under the guise of a "Google Chrome Security Check."

If a user falls for this ploy and clicks "Allow," they inadvertently grant permission for rujba.co.in to send browser notifications. Upon clicking "Allow," we were redirected to a page promoting the "You've visited an illegal infected website" scam.

Rogue websites exploit browser notifications to conduct intrusive advertising campaigns. These advertisements often promote online scams, unreliable software, and even malware.

How Can Misleading Websites Abuse Push Notifications for Ad Spam?

Misleading websites can abuse push notifications for ad spam by employing deceptive tactics to trick users into allowing notifications and then inundating them with unwanted advertisements. Here's how they do it:

Deceptive Permission Requests: Misleading websites often employ deceptive tactics to prompt users to allow push notifications. They may use misleading language or fake alerts that claim to be security checks, age verification prompts, or content access requests. These prompts are designed to confuse users and encourage them to click "Allow" without fully understanding the consequences.

Fake Buttons and Dialog Boxes: Some misleading websites use fake buttons or dialog boxes that mimic legitimate browser notifications. These fake notifications prompt users to click on them to continue, but instead of proceeding, they actually trigger the permission request for push notifications.

Bait-and-Switch Techniques: In some cases, misleading websites may initially offer legitimate content or services to attract users. However, once users visit the site, they are bombarded with pop-ups and fake alerts that coerce them into allowing push notifications to access the purported content. Once permission is granted, the website begins spamming users with ads.

Social Engineering Tactics: Misleading websites may employ social engineering tactics to manipulate users into granting permission for push notifications. They may use fear, urgency, or promises of rewards to convince users to click "Allow" without considering the consequences.

Continuous Prompting: Even if users decline or dismiss the initial permission request, misleading websites may continue to prompt them repeatedly until they relent and allow push notifications out of frustration or annoyance.

Once users grant permission for push notifications, misleading websites abuse this privilege by sending a barrage of unwanted advertisements directly to users' devices. These ads can appear as pop-ups, banners, or notifications, interrupting users' browsing experience and potentially leading them to click on malicious links or download harmful software.

To protect against abuse of push notifications for ad spam, users should be cautious when encountering permission requests from unfamiliar websites and carefully review the content and legitimacy of the site before granting permission. Additionally, users can manage push notification settings in their browser preferences to block or limit notifications from suspicious sources.