Malware Popups
Aggressive popups and fake alerts that push malware downloads or fake support numbers.
Last reviewed: 1 June 2026
What this scam is
Malware popups are deceptive browser alerts — fake updates, prizes, infections or 'allow notifications' traps — that lead to malware, scareware, or fake support, and can spam your device with further alerts.
How it works
Triggered by malicious ads or compromised sites, popups urge you to download, call a number, or allow notifications. Allowing notifications floods you with scam alerts; downloading installs malware; calling reaches scammers.
Common red flags
- Popups claiming prizes, infections, or urgent updates
- 'Allow notifications' prompts on dodgy sites
- Pages that resist closing
- Calls-to-action with countdowns
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
Your browser is out of date and at risk! Click Allow and Download to update now.
Payment methods used
- Card via scareware
- Remote-access theft
Who is usually targeted
- General web users
What to do immediately
- Close the tab/browser without clicking the popup
- Block site notifications in browser settings
- Run a reputable security scan; avoid the source site
Evidence to preserve
- Screenshots
- The site URL
- Any file downloaded
Where to report it
- Action Fraud (UK) — UK national fraud & cybercrime reporting centre
- FTC ReportFraud (US) — US Federal Trade Commission fraud reports
- FBI IC3 (US) — US Internet Crime Complaint Center
- Scamwatch (Australia) — Australian competition & consumer reporting
- Your bank's fraud line — Use the number on the back of your card or in your banking app — never a number the caller gives you
Always verify reporting routes and emergency contacts on the official government or agency website for your country.
Frequently asked questions
I clicked 'Allow' on a popup — what now?
Go to your browser's notification settings and remove permission for that site. Run a security scan, and avoid the website that triggered the popup. Don't call any number it displayed.