When Pop-Ups Pretend to Be Work Alerts

We’ve seen a rise in tickets lately caused by a sneaky trick: malicious website notifications disguised as legitimate work alerts. These pop-ups often look like they’re coming from trusted tools (like SharePoint or HR portals), but in reality, they’re phishing scams designed to steal credentials or trick you into clicking dangerous links.

Here’s how a malicious notification can look when disguised as a corporate alert — don’t fall for it, even if it seems work-related.

Why This Is Dangerous

Once you click Allow, these fake notifications can:

• Flood your desktop with scam alerts.
• Mimic system or application messages to lower your guard.
• Trick you into clicking links that lead to phishing pages or malware.
• Steal login credentials to your Microsoft 365, HR system, or other sensitive accounts.

Even if you don’t interact further, the nonstop alerts cause confusion and waste valuable time.

Red Flags to Watch For

What To Do If You See One

1. Don’t click the link. Close the pop-up right away.
2. Report it to IT (or our helpdesk). We can remove the unwanted permissions and check your device.
3. Run a quick security scan. This helps confirm nothing harmful slipped in.

Prevention Tips

• When in doubt, always click “Block.” Most legitimate sites don’t need notification permissions.
• Double-check domains. Hover over links to confirm they match your company’s official sites.
• Review your browser settings. Remove any sites that don’t belong on your notification list. The National Cyber Security Center has a step-by-step guide for each browser.
• Stay alert for familiar disguises. Just because it looks like SharePoint (or another trusted app) doesn’t mean it is.

Bottom line: Cybercriminals know that disguising scams as “work-related” makes them harder to spot. But with a little awareness and caution, these tricks are easy to avoid. Remember, when in doubt – verify!