If a browser notification says your device is infected, do not click it; remove that website's notification permission. Websites cannot diagnose a whole computer through a notification banner. The alert is often an advertisement or scam using permission you granted earlier.
Why the message looks like the system
Web notifications can appear in the operating system's notification area even after the original tab is gone. A deceptive site can copy security colors, product names and urgent language. The browser or site icon may be small enough that the message feels like it came from Windows, macOS or Android.
Chrome's Safety Check reviews potentially unwanted notifications and says it may remove permission from sites Safe Browsing identifies as deceiving users into granting it. Firefox lets users inspect and revoke notification permissions in privacy settings. These protections help, but the direct fix is to remove the grant.
Remove the permission
In Chrome
- Open Settings > Privacy and security > Site settings > Notifications.
- Find the unfamiliar or abusive site in the allowed list.
- Remove or block it.
- Review other allowed sites while you are there.
In Firefox
- Open Settings > Privacy & Security.
- Find Permissions, then Notifications and Settings.
- Select the site and block or remove it.
- Save the change.
Do not follow the alert's instructions
- Do not call its phone number.
- Do not install a cleanup extension or remote-support app.
- Do not enter payment or account credentials.
- Do not allow a download simply to make the alert disappear.
Close the notification and browser tab. If the page traps the browser, end the browser process, reopen without restoring the suspicious tab, and clear that site's permissions. Run the security tool already built into or installed on the device if you downloaded something—not the product advertised by the alert.
Prevent the next grant
Treat notification requests like camera or microphone permissions. A news site can function without pushing alerts. A shipping service may have a clear reason. Deny requests that appear before you have used the site or that block content until you agree.
Browser notification abuse is powerful because it escapes the visual boundary of the webpage. Once you know the message still belongs to a site, the solution becomes simple: revoke the site's ability to speak outside its tab, then investigate only if you actually installed or opened something.
Check whether anything else happened
If you only allowed notifications and never opened a download, installed software, shared a password or granted remote access, revoking the permission usually addresses the visible problem. If you did take one of those actions, treat it as a separate incident: remove the download, uninstall unknown software, change exposed credentials from a trusted device and review account sessions. The notification itself cannot tell you whether malware exists.
Sources & methodology2 sources - evidence for this revision
The records below show what each source supports in this published revision.
- Manage Chrome safety and securityGoogle Chrome Helpreference - Retrieved Jul 12, 2026
What it supportsChrome Safety Check can identify unwanted notifications and removes permissions from sites found to deceive users into granting them.
- Web Push notifications in FirefoxMozilla Supportreference - Retrieved Jul 12, 2026
What it supportsFirefox allows users to review and change website notification permissions.



