Cookies, Notifications, and clickable links

One aim of a "lightweight" web criminal is
to get you to click a link.
Its easy, cheap and can work for years without any effort on their part.

 

Why is clicking a link hazardous?

Clicking on a link can expose your computer to infection - and expose you to all kinds of scams. You should always check out a link to see if its safe. I'll show you how to do this in a moment.

First lets look at two dialogs you often see when browsing: A "cookie acceptance" dialog - generally innocuous; and a "push notification" dialog which may not be.

Both of these will get you used to clicking "accept" - but you need to be wary of doing so.

Cookies are (usually) safe

cookies

Often a site you visit will not work - or not work smoothly - without cookies.

Cookies in themselves arent harmful, but they can expose your browsing habits - so perhaps let a company know what products you have been considering.

What is a cookie

A cookie is a tiny bit of information that gets stored on your device. Its too small to hold a virus. Websites use cookies to streamline your web experiences. Without cookies, you'd have to login again after you leave a site or rebuild your shopping cart if you accidentally close the page. Shopping sites use cookies to track items users previously viewed, allowing the sites to suggest other goods they might like and keep items in shopping carts while they continue shopping.

So many sites rely on cookies that often you will not be able to use the site until you have agreed to cookies via the "accept" button. It becomes a habit.


Push notifications - often dangerous

push request

 

By allowing a site to send notifications you are giving them permission to put any message or content they wish on your desktop at any time.

What is a notification

Push notifications are short messages that pop up on the user's mobile or desktop, nudging them to take some action. It comes from a site you have visited when you have given permission to send it. Sometimes this can be a reminder of an appointment, a delivery, a travel cancellation - or just be a reminder of a special offer.

Be suspicious - WHY does the company want to put messages on your screen at its own convenience?

You should only EVER allow them if you trust the site and WANT to get notifications from them. Fortunately they can only do this if you give them permission.

IMPORTANT: Allowing permission for a push notification is easy. There is presently NO easy way to withdraw that permission.

What harm can push notifications do?

In themselves just be a nuisance popping up whenever you are browsing; but they can put misleading messages up that will worry you into taking action (such as clicking a link).. Here are two examples. The buttons (clean the computer, click here to fix the error, or in #2 "fix the problem") are all links, so you can check them as you see below. REMEMBER ANY part of the notification can be a link - even the X.


A push notification

push 1

Another push notification

push 2


How to check a link

HMRC Tax Returns Online <- this is a link

Rest your mouse cursor over the link above - DONT CLICK! This is called hovering. At the bottom left of your browser screen you will see some text telling you where the link will take you. Notice that the text does NOT say "HMRC etc" or anything remotely similar. This is a clue that the link may not be safe.

Try hovering over this link - would it be safe to click? What do you read in the text (bottom left of browser screen).

 

 

There is no obvious indication that this image is also a link, but if you hover your mouse over it you will see the link address in the bottom left of your browser window.

Now click on the image to see what happens.

It IS safe - its a test of your virus protection.

Links to downloads

A link can also trigger a download.

This is one way you can get useful programs for your PC; for example THIS PAGE will let you download a program that can check the health of your hard drive.

If you click the green button on that page to start the download ..

You should see a window like this

 

In this case its safe to save it - its a useful program.

However download links aren't always so obvious nor so innocent.