I have edited the link in your post so it is not clickable.

The file I am receiving is not too problematic, but the files will probably vary by download address.

If you ok using that site in a separate tab, maybe you would this time try.

• to save the web page. It would be interesting to look at.
  the right click and save page option will probably work.edit unwise to try
• see also thread WARNING FBI LOCKED BROWSER!!! /questions/981475
  • do both the solutions given there work ok for you ?

First, thank you for editing the link to deactivate it. I would have put it in that way if I'd known how, but I did want people to see the url because others might have the same issue. Second, that link solves the main problem of getting away without killing the browser. However, it does leave the original question unanswered: how can I report that site so that Firefox blocks it as an attack site?

You will have the option to report as a web forgery (It is malicious and impersonating the FBI) from the help menu. I have also done that. What you could also try to do is

• Report the site that had the original link on it, and advise the site themselves
• Consider reporting to https://www.fbi.gov/scams-safety/e-scams -> https://www.ic3.gov/default.aspx
  • Don't be surprised by the shield and warning from Firefox, the FBI site is not secure !!

I did risk opening the file myself as I knew you had already done so without reporting damage. (I usually do so from a memory stick OS to reduce risk). It does contain quite a bit of code in common with that from the page in the other other thread.

Also see

• How does built-in Phishing and Malware Protection work?
  • https://www.stopbadware.org/report-badware
• https://www.google.com/safebrowsing/report_badware/

No, I didn't download any files. Of course, I'm sure it would have been safe for me because I use Linux, and whatever malware they're delivering is Windows-specific. Still, thanx for reporting this and for all of your help.

I use Linux too, but try not to be too complacent about it security wise. It lacks proper AV etc software. Macs and Android are being target more frequently, the same could happen with Linux. At least it is easy and cost free to install as many copies as you want.

I hope any compromise from opening such files would be limited to the memory stick or partition used. I also use restricted, not admin accounts for day-to-day browsing.

The particular file / link you are reporting does not even lock my normal browser as I routinely use no-script.

• http://noscript.net/

Firefox is moving towards restricting plugins natively, but moved in the opposite direction with JavaScript and removed the easy UI option to disable js.

I have not tested this form of attack on Windows yet, it affects Firefox but not Google Chrome,and Windows IE may also be immune to this.

Check out the Mozilla Add-ons Web Page. I use an add-on called BlockSite. Here's hoping it works.

Problem with that is it only works after the event. No script allows blocking of scripts pre-emptivley , on reload and selectively.

Check out the Mozilla Add-ons Web Page. I use an add-on called BlockSite. 

• General link for BlockSite https://addons.mozilla.org/firefox/addon/blocksite/
  (Does not seem to have a proper support site)

I used the Insert A Link to shorted the post. The word BlockSite and Mozilla Add-Ons Web Page in the post above are links.

i tested this in Chromium on linux and it just brings up a stupid moneypak crap FBI scam, tried to close the page and it brung a js box yelling YOUR COMPUTER IS LOCKED, after that it closed the page, but no processes were force killed (chrome/chromium is multiprocess).

I did start out by warning you not to go there; what else did you expect?

I run linux so there is much less of a chance (not zero chance but almost zero) of getting infected by malware, just wanted to see what it would do in chrome/ium.

See John99's comment around 7:30 EST

I have not tested this form of attack on Windows yet, it affects Firefox but not Google Chrome,and Windows IE may also be immune to this.

Hi Waka_Flocka_Flame, I think there is a bug on file with Mozilla to suppress multiple instances of the "Stay on Page" / "Leave Page" dialog, which will make Firefox behavior similarly to Chromium and prevent entrapment. At least this particular method of entrapment.

P.S. I have no intention of visiting that page in Internet Explorer! IE 10 and IE 11 have automatic crash recovery, which could create an annoying loop like the one in Firefox.

On the topic of the original post, the servers being exploited for this should start showing up in the phishing database, no? Maybe the list of addresses is mutating too quickly to be blocked that way.

Just as a comment, I've run into a few "link farms" that have that warning pop up if you try to back up or close the tab, but mostly they don't ask more than once or twice. The weird thing is that I've seen pages where it pops up if you click on any of the links, rendering the page almost pointless. Just another example of how stupid some people are.

The URL is so long, I can't even put it into this page.

• http://www.mozilla.org/en-US/legal/fraud-report/

The url as posted is only for fraudulent use of Mozilla's trademarks. However, there's an option for this on the Help menu, and that's all I need.

Yes the Mozilla link suggested by waka above is for Mozilla trademark misuse/fraud reporting and not not for this.

Report the site at http://www.google.com/safebrowsing/report_phish/ which is the same when done while on site by going to Help -> Report Web Forgery