Threat Database Rogue Websites

The rogue page was discovered by cybersecurity researchers during their investigation of suspicious websites. The page is intended to promote scams and send spam browser notifications to unsuspecting visitors. In addition, this website is capable of redirecting users to other potentially dangerous or untrustworthy sites. Typically, users are redirected to such pages through websites that utilize rogue advertising networks. Tricks Visitors with Fake Security Alerts and Scams

When users visit rogue sites, the behavior of such sites may vary depending on the user's IP address (geolocation). The content presented on the webpage may be tailored to the user based on their location. In the case of, our investigation found that it runs a variant of the 'McAfee - Your Card Payment Has Failed!' scam. The scam falsely claims that the user's anti-virus subscription has expired and their device is at risk. It should be noted that this scam has no affiliation with the actual McAfee company. Typically, such content is used to promote fraudulent, unreliable, harmful, and even malicious applications.

Furthermore, requests permission to deliver browser notifications. If granted, the page displays notifications and advertisements that endorse online scams, untrustworthy or dangerous software, and even malware.

How To Prevent Rogue Websites Like from Delivering Dubious Notifications?

To prevent deceptive sites from delivering spam notifications, users can start by being cautious when browsing the internet and avoid visiting suspicious or untrustworthy websites. They should also review and adjust their browser settings to disable notification requests from unknown or unwanted sources. Additionally, users can install and regularly update reputable anti-virus and anti-malware software on their devices. It is also important to keep all software up-to-date to address known vulnerabilities that can be exploited by cybercriminals. Finally, if users accidentally allow notifications from a deceptive site, they should immediately revoke the permission in their browser settings.

URLs may call the following URLs:


Most Viewed