ACCORDING to Malwarebytes, quiz sites can trick users into enabling unwanted browser notifications by presenting a prompt that says “Show notifications” and a misleading “Click Allow to continue” message, with the actual aim of granting permission to push notifications even when not on the site. The main goal of these sites is to monetise via ads, affiliate schemes, scams or unwanted downloads, rather than to install malware on the device.
Researchers traced the campaign to domains such as unsphiperidion.co[.]in and triviabox.co[.]in, where quizzes are used as a lure to prompt the user to start the quiz and later receive notifications. The article explains how to remove and block these web push notifications across major browsers, including Chrome, Firefox, Opera, Edge and Safari, with step-by-step settings to block or manage permissions.
It also lists several indicators of compromise (IOCs), including a number of related domains such as dailyrumour.co[.]nz, edifaqe[.]org and quizcentral.co[.]in, which were observed in the investigation.