Scammers use the email communication to send out the latest Firefox update package which is attached with a password stealing Trojan. The email subject on this update is named New version released and the sender is somewhat from a user which has the email domain of ‘firefox.com’. If you are a regular user of this browser, you will know that since when they even bother to send you any email on the browser update? It could been easier if they just notify you from your browser that there is a new update and ask you patch from there. Hence if you have encountered any email as below, please do not click on any of the links.
The Fake Firefox Email Content
Subject: New version released
A Firefox software update is a quick download of small amounts of new code to your existing Firefox browser. These small patches can contain security fixes or other little changes to the browser to ensure that you are using the best version of Firefox available. Firefox is constantly evolving as our community finds ways to make it better, and as we adjust to the latest security threats. Keeping your Firefox up-to-date is the best way to make sure that you are using the smartest, fastest and . most importantly . safest version of Firefox available. A Firefox update will not make any changes to your bookmarks, saved passwords or other settings. However, there is a possibility that some of your Add-ons won.t be immediately compatible with new updates.
For security reasons please update your firefox version now
The password stealing Trojan is known as Troj/Mdrop-DPO by Naked Security recently. However, it was previously found by them as Troj/PWS-BSF. It doesn’t really matter what name you want to call the Trojan. Because towards the end, the lesson here is that URL from email should not be 100% trusted. Even if you think the person has the email domain of a legitimate one, but that can easily be faked out. The proper way to update your web browser is to run an update using the web browser itself. Alternatively, you can also go to the official site and download the latest version. Clicking directly from the email address do gives we all a good convenience, but we we know that convenience and security don’t really work very well together. Final reminder to fellow readers, try not to click any link at all from your email address.
Join the IT Security Column Facebook page now and get the latest news on all the IT security stuff apart from the Firefox Trojan scam.