Hijacking secured connections to inject a payload that doesn’t actually come from the source is not a legitimate form of notification - it’s a malicious infrastructure attack.