Fake Firefox fix hides password-filching trojan
Scammers are sending out huge numbers of fake emails pretending to be from the Mozilla Foundation, maker of the popular multi-platform web browser Firefox.
The spam-flavoured missives, with titles along the line of 'New Version Released' and which appear to have been sent from various email addresses ending in @firefox.com contain links to malicious executables which ride in on what appears to be a genuine update to Firefox 5.0.1.
The trojan, identified by Sophos as Troj/PWS-BSF, is reportedly capable of stealing passwords.
Firefox automatically updates itself by default so any email purporting to offer to do it for you is definitely a fake. Mozilla doesn't send update notices vie email or any method other than the in-app notifications.
Here's the text of the spam email, which you should delete without opening. And definitely don't click on the link which, for obvious reasons, we have deleted.
Important notice
A Firefox software update is a quick download of small amounts of new code to your existing Firefox browser. These small patches can contain security fixes or other little changes to the browser to ensure that you are using the best version of Firefox available.
Firefox is constantly evolving as our community finds ways to make it better, and as we adjust to the latest security threats. Keeping your Firefox up-to-date is the best way to make sure that you are using the smartest, fastest and . most importantly . safest version of Firefox available.
A Firefox update will not make any changes to your bookmarks, saved passwords or other settings. However, there is a possibility that some of your Add-ons won.t be immediately compatible with new updates.
Scammers are sending out huge numbers of fake emails pretending to be from the Mozilla Foundation, maker of the popular multi-platform web browser Firefox.
The spam-flavoured missives, with titles along the line of 'New Version Released' and which appear to have been sent from various email addresses ending in @firefox.com contain links to malicious executables which ride in on what appears to be a genuine update to Firefox 5.0.1.
The trojan, identified by Sophos as Troj/PWS-BSF, is reportedly capable of stealing passwords.
Firefox automatically updates itself by default so any email purporting to offer to do it for you is definitely a fake. Mozilla doesn't send update notices vie email or any method other than the in-app notifications.
Here's the text of the spam email, which you should delete without opening. And definitely don't click on the link which, for obvious reasons, we have deleted.
Important notice
A Firefox software update is a quick download of small amounts of new code to your existing Firefox browser. These small patches can contain security fixes or other little changes to the browser to ensure that you are using the best version of Firefox available.
Firefox is constantly evolving as our community finds ways to make it better, and as we adjust to the latest security threats. Keeping your Firefox up-to-date is the best way to make sure that you are using the smartest, fastest and . most importantly . safest version of Firefox available.
A Firefox update will not make any changes to your bookmarks, saved passwords or other settings. However, there is a possibility that some of your Add-ons won.t be immediately compatible with new updates.
