Attempts to Mislead Visitors

While examining misleading websites, we came across Upon investigation, it became evident that this deceptive site actively encourages browser notification spam and redirects users to other sites, which are likely to be unreliable or malicious.

Most individuals who visit and similar sites are directed there through redirects initiated by websites utilizing unscrupulous advertising networks.

The behavior of these deceitful pages may vary based on the IP addresses or geolocations of the visitors. In simpler terms, this data can influence the content that users encounter on these websites.

During our examination of, we identified two variations of its appearance. In both cases, the site employed fake CAPTCHA tests as a means to prompt users to enable browser notifications. If a visitor falls for this deceptive test, they unwittingly grant permission for to send them browser notifications.

These notifications, essentially advertisements, primarily promote online scams, untrustworthy or harmful software, and potential malware.

How Can Misleading Sites Abuse Push Notifications for Ad Spam?

Misleading sites can abuse push notifications for ad spam by exploiting the feature's legitimate functionality. Here's how they typically carry out this abuse:

Deceptive Prompt:
Misleading sites often use deceptive tactics to prompt users to subscribe to push notifications. They may employ fake CAPTCHA tests, misleading buttons (e.g., "Allow" instead of "Close"), or other misleading elements to trick users into allowing notifications.

Fake Content:
These sites might display fake content or messages to create a sense of urgency or importance, urging users to enable notifications for various reasons, such as access to exclusive content, claiming a prize, or ensuring security.

Browser Vulnerabilities:
Some misleading sites exploit vulnerabilities in browsers to force push notification subscriptions without the user's explicit consent. This could happen through malvertisements or other malicious scripts.

Social Engineering:
Social engineering techniques are often employed to manipulate users. Misleading sites may create fake messages or alerts that appear to come from the browser, instructing users to enable notifications for security or verification purposes.

Subscription Overlay Pop-ups:
Overlay pop-ups can cover the main content of a website, making it difficult for users to navigate away without interacting with the prompt. Misleading sites may use this technique to force users into subscribing to notifications.

Browser Compatibility Warnings:
Some sites display fake browser compatibility warnings, claiming that users need to enable push notifications to ensure proper viewing or functionality. This is a deceptive way to trick users into subscribing.

November 24, 2023

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.