Phishing Pop Ups → < FREE >

If a suspicious pop-up appears:

  • Do not restart browser from pop-up – Instead, reopen manually.
  • Clear browser cache & cookies – Removes any malicious redirect scripts.
  • Run an antivirus/anti-malware scan – e.g., Malwarebytes, Windows Defender.
  • Reset browser settings if pop-ups keep reappearing.

    • Standard ad-blockers are not enough. Use uBlock Origin (free, open-source) and subscribe to the “Peter Lowe’s ad and tracking server list” plus “Phishing Army” filter. These lists block known phishing pop up domains before they load.

    function onPopupDetected(popupWindow, sourceTab) 
  const popupUrl = new URL(popupWindow.url);
  const parentUrl = new URL(sourceTab.url);

    // Rule 1: Cross-origin pop-up asking for credentials
if (popupUrl.origin !== parentUrl.origin) suspended phishing pop ups
    

    // Rule 2: Known phishing domain
if (isPhishingDomain(popupUrl.hostname)) 
blockAndWarn(popupWindow, "This domain is listed in our phishing database");
return;

    

    // Rule 3: Fake brand impersonation
const brandMatch = detectBrandImpersonation(popupWindow.document, parentUrl);
if (brandMatch) 
blockAndWarn(popupWindow, This pop-up impersonates $brandMatch);
return;
 If a suspicious pop-up appears:

    A red, blaring phishing pop up freezes your browser (or appears to). It warns: “System Error #0x80070422 – Call Microsoft Support immediately.” The phone number provided connects to a fake call center that will charge you hundreds for unnecessary “repairs.” Do not restart browser from pop-up – Instead,

    To defeat an enemy, you must understand its construction. A modern phishing pop up is not just a picture of a warning sign; it is a carefully engineered psychological trigger.