X
Tap here to go to the mobile version of the site.

Support Forum

Is "Reported Web Forgery! This web page at 69.73.182.154 has been reported as a web forgery and has been blocked based upon your security preferences" legit?

Posted

Yesterday my wife received a "Unauthorized Access Notice" email supposedly from alerts@citibank.com, which asked that the attached document be filled out with name, address, SSN, DoB, ATM card number and PIN , etc. Thinking it legitimate she filled it in, and clicked on "Continue", at which point the "Reported Web Forgery!" screen popped up with the URL in the question line above. When clicking on "why was this page blocked" she was taken to a Mozilla Support page entitled How does built-in Phishing and Malware Protection work? Is the Reported Web Forgery message legitimately from you and was the content of the form she completed blocked/destroyed, or is she now at risk of identity theft? In other words, was the "reported Web Forgery" page part of the phisher's scam, or is her information safe?

Yesterday my wife received a "Unauthorized Access Notice" email supposedly from alerts@citibank.com, which asked that the attached document be filled out with name, address, SSN, DoB, ATM card number and PIN , etc. Thinking it legitimate she filled it in, and clicked on "Continue", at which point the "Reported Web Forgery!" screen popped up with the URL in the question line above. When clicking on "why was this page blocked" she was taken to a Mozilla Support page entitled How does built-in Phishing and Malware Protection work? Is the Reported Web Forgery message legitimately from you and was the content of the form she completed blocked/destroyed, or is she now at risk of identity theft? In other words, was the "reported Web Forgery" page part of the phisher's scam, or is her information safe?

Chosen solution

There is a good chance the form was never sent (I'm not sure how the form was submitted since I don't have the e-mail so I can't promise it wasn't sent) and so your information is safe, but you should still take steps to ensure that you protect your identity immediately, place fraud notices on your credit and debit cards, change your online passwords, pin numbers, etc. Remember that your bank will never e-mail you asking for your information, they have it all already, why do they need to verify it? Those e-mails are always scams.

Read this answer in context 8

Additional System Details

Installed Plug-ins

  • Shockwave Flash 12.0 r0
  • The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site.
  • iTunes Detector Plug-in
  • 5.1.30214.0
  • Picasa plugin
  • Adobe PDF Plug-In For Firefox and Netscape 11.0.06
  • Intel web components for Intel® Identity Protection Technology
  • Intel web components updater - Installs and updates the Intel web components
  • LogMeIn, Inc. Remote Access Components
  • Microsoft Lync Web App Plug-in
  • Citrix Online App Detector Plugin
  • A plugin to detect whether the Adobe Application Manager is installed on this machine.
  • VLC media player Web Plugin 2.0.2
  • Citrix Receiver Plugin (Win32)
  • NPWLPG
  • The plug-in allows you to open and edit files using Microsoft Office applications
  • Office Authorization plug-in for NPAPI browsers

Application

  • Firefox 27.0.1
  • User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0
  • Support URL: https://support.mozilla.org/1/firefox/27.0.1/WINNT/en-US/

Extensions

  • LogMeIn, Inc. Remote Access Plugin 1.0.0.1024 (LogMeInClient@logmein.com)
  • Troubleshooter 1.1a (troubleshooter@mozilla.org)
  • Xmarks 4.2.1 (foxmarks@kei.com)
  • Adobe Acrobat - Create PDF 2.0 (web2pdfextension@web2pdf.adobedotcom) (Inactive)

Javascript

  • incrementalGCEnabled: True

Graphics

  • adapterDescription: AMD Radeon HD 7470
  • adapterDescription2:
  • adapterDeviceID: 0x6778
  • adapterDeviceID2:
  • adapterDrivers: atiu9p64 atiuxp64 atiuxp64 atiu9pag atiuxpag atiuxpag atiumdva atiumd6a atitmm64
  • adapterDrivers2:
  • adapterRAM: 1024
  • adapterRAM2:
  • adapterVendorID: 0x1002
  • adapterVendorID2:
  • direct2DEnabled: True
  • directWriteEnabled: True
  • directWriteVersion: 6.2.9200.16571
  • driverDate: 12-6-2011
  • driverDate2:
  • driverVersion: 8.922.0.0
  • driverVersion2:
  • info: {u'AzureCanvasBackend': u'direct2d', u'AzureFallbackCanvasBackend': u'cairo', u'AzureContentBackend': u'direct2d', u'AzureSkiaAccelerated': 0}
  • isGPU2Active: False
  • numAcceleratedWindows: 1
  • numTotalWindows: 1
  • webglRenderer: Google Inc. -- ANGLE (AMD Radeon HD 7470 Direct3D9Ex vs_3_0 ps_3_0)
  • windowLayerManagerRemote: False
  • windowLayerManagerType: Direct3D 10

Modified Preferences

  • browser.cache.disk.capacity: 358400
  • browser.cache.disk.smart_size.first_run: False
  • browser.cache.disk.smart_size.use_old_max: False
  • browser.cache.disk.smart_size_cached_value: 358400
  • browser.places.smartBookmarksVersion: 4
  • browser.sessionstore.upgradeBackup.latestBuildID: 20140212131424
  • browser.startup.homepage: http://www.nytimes.com/|https://mail.google.com/mail/?shva=1#inbox|http://e9coupe.com/|https://online.citibank.com/US/JPS/portal/Home.do|https://www.linkedin.com/uas/login?goback=&trk=hb_signin
  • browser.startup.homepage_override.buildID: 20140212131424
  • browser.startup.homepage_override.mstone: 27.0.1
  • browser.tabs.warnOnClose: False
  • dom.mozApps.used: True
  • dom.w3c_touch_events.expose: False
  • extensions.lastAppVersion: 27.0.1
  • font.internaluseonly.changed: True
  • gfx.direct3d.last_used_feature_level_idx: 0
  • gfx.direct3d.prefer_10_1: True
  • network.cookie.prefsMigrated: True
  • network.protocol-handler.warn-external.dnupdate: False
  • places.database.lastMaintenance: 1394795754
  • places.history.expiration.transient_current_max_pages: 104858
  • plugin.disable_full_page_plugin_for_types: application/pdf
  • plugin.importedState: True
  • privacy.sanitize.migrateFx3Prefs: True
  • storage.vacuum.last.index: 0
  • storage.vacuum.last.places.sqlite: 1394799229

Misc

  • User JS: Yes
  • Accessibility: No
the-edmeister
  • Top 10 Contributor
  • Moderator
4149 solutions 31259 answers

Helpful Reply

Yes that was a legitimate message! https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work

Question owner

You what happened to the information in the form that was filled out and "sent?"

You what happened to the information in the form that was filled out and "sent?"
Tyler Downer
  • Top 25 Contributor
  • Administrator
  • Moderator
1283 solutions 8494 answers

Chosen Solution

There is a good chance the form was never sent (I'm not sure how the form was submitted since I don't have the e-mail so I can't promise it wasn't sent) and so your information is safe, but you should still take steps to ensure that you protect your identity immediately, place fraud notices on your credit and debit cards, change your online passwords, pin numbers, etc. Remember that your bank will never e-mail you asking for your information, they have it all already, why do they need to verify it? Those e-mails are always scams.

There is a good chance the form was never sent (I'm not sure how the form was submitted since I don't have the e-mail so I can't promise it wasn't sent) and so your information is safe, but you should still take steps to ensure that you protect your identity immediately, place fraud notices on your credit and debit cards, change your online passwords, pin numbers, etc. Remember that your bank will never e-mail you asking for your information, they have it all already, why do they need to verify it? Those e-mails are always scams.