X
Thinta lapha ukuze uye kuveshini yamakhalekhukhwini kusayithi.

Isithangami Sabeseki

Firefox reports Mozilla Phishing Report page as Potential Security Risk

Kuphostiwe

I just received a "Password Reset Notification" e-mail that looked very scammy,

I right clicked on the link to select "Report Phishing Scam, but when Firefox was going to open the Mozilla Phishing report page, I got "Warning, potential security risk ahead"

I think there's a problem somewhere...!

I just received a "Password Reset Notification" e-mail that looked very scammy, I right clicked on the link to select "Report Phishing Scam, but when Firefox was going to open the Mozilla Phishing report page, I got "Warning, potential security risk ahead" I think there's a problem somewhere...!
Ama-screenshot ananyekiwe
Isicaphuno

Eminye Imininingwane Yohlelo

Fakela amapulagi

  • Shockwave Flash 32.0 r0

Isisebenziso

  • I-ejenti Engumsebenzisi: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Eminye Imininingwane

Umnikazi wombuzo

PS I'm using Thunderbird 60.9.0 32 bit as my mail client

Also, when I clicked on Advanced in Firefox I got:

Web sites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for en-gb.phish-report.mozilla.com. The certificate is only valid for aus2.mozilla.org.

Error code: SSL_ERROR_BAD_CERT_DOMAIN

View Certificate

PS I'm using Thunderbird 60.9.0 32 bit as my mail client Also, when I clicked on Advanced in Firefox I got: Web sites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for en-gb.phish-report.mozilla.com. The certificate is only valid for aus2.mozilla.org. Error code: SSL_ERROR_BAD_CERT_DOMAIN View Certificate

Okulungisiwe ngu graham12

Ingabe lokhu kube usizo kuwena?
Isicaphuno
FredMcD
  • Top 10 Contributor
4259 izisombululo 59635 izimpendulo
Kuphostiwe

The notice you got was a SCAM.

. Whenever you get a message / popup like that;

DO NOT USE ANY OF THE PROVIDED LINKS OR ANY PHONE NUMBERS ! !

Such messages are only Spam that could lead you to Fake Support. Not only can they damage or hack your system, they charge you to do so.

You can report such a site at; Google Report Phishing Page {web link} which is the same when done while on site by going to Help > Report Web Forgery

Help us safeguard Mozilla’s trademarks by reporting misuse {web link}

The notice you got was a SCAM. . '''Whenever you get a message / popup like that;''' <u>'''DO NOT USE ANY OF'''</u> <u>'''THE PROVIDED LINKS'''</u> <u>'''OR ANY PHONE NUMBERS ! !'''</u> Such messages are only '''Spam''' that could lead you to '''Fake Support.''' Not only can they damage or hack your system, they charge you to do so. You can report such a site at; '''[http://www.google.com/safebrowsing/report_phish/ Google Report Phishing Page]''' {web link} which is the same when done while on site by going to '''Help > Report Web Forgery''' '''[http://www.mozilla.org/en-US/legal/fraud-report/ Help us safeguard Mozilla’s trademarks by reporting misuse]''' {web link}
Ingabe lokhu kube usizo kuwena? 0
Isicaphuno
FredMcD
  • Top 10 Contributor
4259 izisombululo 59635 izimpendulo
Kuphostiwe

When you get such notices, check the links in the message. If they do not go back to whoever the message claims to be from . . . . . . SCAM ! ! !

When you get such notices, check the links in the message. If they do not go back to whoever the message claims to be from . . . . . . SCAM ! ! !
Ingabe lokhu kube usizo kuwena? 0
Isicaphuno

Umnikazi wombuzo

I think you've misunderstood what I was saying.

Yes, I know it was a scam, that was why I was trying to use Thunderbird's Report E-mail Scam feature.

But Firefox was tell me that Mozilla's Phishing report page was a "Potential Security Risk" because of a mis-matched security certificate!

I think you've misunderstood what I was saying. Yes, I know it was a scam, that was why I was trying to use Thunderbird's Report E-mail Scam feature. But Firefox was tell me that Mozilla's Phishing report page was a "Potential Security Risk" because of a mis-matched security certificate!
Ingabe lokhu kube usizo kuwena?
Isicaphuno
FredMcD
  • Top 10 Contributor
4259 izisombululo 59635 izimpendulo
Kuphostiwe

Impendulo Ewusizo

Ahh. I see. What is the link that was flagged as bad? I am calling a moderator.

Ahh. I see. What is the link that was flagged as bad? I am calling a moderator.
Ingabe lokhu kube usizo kuwena? 1
Isicaphuno

Umnikazi wombuzo

The scam URL was https://storage.gxxgleapis.com/asharepoint-histography-105721396/index.html (I've replaced the oo in google with xx)

The link that comes up when I right click on the link and select "Report Email Scam" in Thunderbird is https://en-gb.phish-report.mozilla.com/?hl=en-GB&url=https%3A%2F%2Fstorage.googleapis.com%2Fasharepoint-histography-105721396%2Findex.html

The second link is the one that Firefox flags as a Potential Security Risk.

The scam URL was https://storage.gxxgleapis.com/asharepoint-histography-105721396/index.html (I've replaced the oo in google with xx) The link that comes up when I right click on the link and select "Report Email Scam" in Thunderbird is https://en-gb.phish-report.mozilla.com/?hl=en-GB&url=https%3A%2F%2Fstorage.googleapis.com%2Fasharepoint-histography-105721396%2Findex.html The second link is the one that Firefox flags as a Potential Security Risk.
Ingabe lokhu kube usizo kuwena?
Isicaphuno
FredMcD
  • Top 10 Contributor
4259 izisombululo 59635 izimpendulo
Kuphostiwe

Thanks for the links.

Thanks for the links.
Ingabe lokhu kube usizo kuwena?
Isicaphuno
McCoy
  • Top 10 Contributor
545 izisombululo 5141 izimpendulo
Kuphostiwe

graham12 said

The link that comes up when I right click on the link and select "Report Email Scam" in Thunderbird is https://en-gb.phish-report.mozilla.com/?hl=en-GB&url=https%3A%2F%2Fstorage.googleapis.com%2Fasharepoint-histography-105721396%2Findex.html
The second link is the one that Firefox flags as a Potential Security Risk.

That link takes me to the correct "Report a Suspected Web Forgery" page.

About ten hours ago, when I entered the link that shows in your screenshot, it indeed took me to the "Potential Security Risk" warning; now it redirects me to :

https://www.mozilla.org/en-US/

''graham12 [[#answer-1254706|said]]'' <blockquote> The link that comes up when I right click on the link and select "Report Email Scam" in Thunderbird is https://en-gb.phish-report.mozilla.com/?hl=en-GB&url=https%3A%2F%2Fstorage.googleapis.com%2Fasharepoint-histography-105721396%2Findex.html<BR> The second link is the one that Firefox flags as a Potential Security Risk. </blockquote> That link takes me to the correct "Report a Suspected Web Forgery" page. About ten hours ago, when I entered the link that shows in your screenshot, it indeed took me to the "Potential Security Risk" warning; now it redirects me to : https://www.mozilla.org/en-US/
Ingabe lokhu kube usizo kuwena? 0
Isicaphuno
McCoy
  • Top 10 Contributor
545 izisombululo 5141 izimpendulo
Kuphostiwe

graham12 said

The scam URL was https://storage.gxxgleapis.com/asharepoint-histography-105721396/index.html (I've replaced the oo in google with xx)

I did some searching and found out that this may have put some more malware on your device, so would you please do this :

Go to the Firefox menu (≡) => Options => Add-ons => Extensions and remove anything that looks unfamiliar or suspicious.

Do the same in Windows Control Panel => Programs.

Next step is to run malwarescans - further information can be found in this article :

https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no

Run most or all of the listed malware scanners. They all work differently - what one program doesn't pick up, the other might.

Also see : https://malwarefixes.com/threats/storage-googleapis-com/

And : https://howtoremove.guide/remove-storage-googleapis-com-virus/



You may also want to inform your email provider about this site.

''graham12 [[#answer-1254706|said]]'' <blockquote> The scam URL was https://storage.gxxgleapis.com/asharepoint-histography-105721396/index.html (I've replaced the oo in google with xx) </blockquote> I did some searching and found out that this may have put some more malware on your device, so would you please do this : Go to the Firefox menu (≡) => Options => Add-ons => Extensions and remove anything that looks unfamiliar or suspicious. Do the same in Windows Control Panel => Programs. Next step is to run malwarescans - further information can be found in this article : https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no '''Run most or all of the listed malware scanners'''. They all work differently - what one program doesn't pick up, the other might. Also see : https://malwarefixes.com/threats/storage-googleapis-com/ And : [https://howtoremove.guide/remove-storage-googleapis-com-virus/] --------------------------------------<BR> You may also want to inform your email provider about this site.
Ingabe lokhu kube usizo kuwena? 0
Isicaphuno

Umnikazi wombuzo

There's nothing on Firefox Extensions or Windows > Programs that I haven't installed myself.

Also I run eg NoScript, Avira and Zone Alarm (amongst others) and don't click on unknown links or install software from untrusted sources.

I've just tried going back to the original scam e-mail, right-clicking on the link and trying the "Report Email Scam" feature again and this time it worked ok and takes me to https://safebrowsing.google.com/safebrowsing/report_phish/?tpl=mozilla&hl=en-GB&url=https%3A%2F%2Fstorage.googleapis.com%2Fasharepoint-histography-105721396%2Findex.html

So whatever the issue is, it appears to have been resolved.

There's nothing on Firefox Extensions or Windows > Programs that I haven't installed myself. Also I run eg NoScript, Avira and Zone Alarm (amongst others) and don't click on unknown links or install software from untrusted sources. I've just tried going back to the original scam e-mail, right-clicking on the link and trying the "Report Email Scam" feature again and this time it worked ok and takes me to https://safebrowsing.google.com/safebrowsing/report_phish/?tpl=mozilla&hl=en-GB&url=https%3A%2F%2Fstorage.googleapis.com%2Fasharepoint-histography-105721396%2Findex.html So whatever the issue is, it appears to have been resolved.
Ingabe lokhu kube usizo kuwena?
Isicaphuno
McCoy
  • Top 10 Contributor
545 izisombululo 5141 izimpendulo
Kuphostiwe

Asking you to see if there was anything suspicious in Options => Extensions and in Windows Control Panel was just to make sure.

I'm glad that the problem seems to be solved; seeing that your second link now went to the correct pages, kind of made me think it would be.

But (just to be on the safe side and as a precaution) : would you run a malwarescan please  ? Maybe let Windows Defender run a full scan ?

(better safe than sorry .... )



You mention having other security software installed, but I'm a bit sceptical about that, and here's why :

https://www.howtogeek.com/239950/dont-use-your-antivirus-browser-extensions-they-can-actually-make-you-less-safe/

Also see :

http://tech.firstpost.com/news-analysis/ex-mozilla-firefox-developer-says-anti-virus-software-does-more-harm-than-good-359798.html

You're best off with just using Windows built-in Defender and maybe let malwarebytes run a scan once a month. But that is totally up to you, of course.

Asking you to see if there was anything suspicious in Options => Extensions and in Windows Control Panel was just to make sure. I'm glad that the problem seems to be solved; seeing that your second link now went to the correct pages, kind of made me think it would be. But (just to be on the safe side and as a precaution) : would you run a malwarescan please ? Maybe let Windows Defender run a full scan ? (better safe than sorry .... ) -------------------------------------<BR> You mention having other security software installed, but I'm a bit sceptical about that, and here's why : https://www.howtogeek.com/239950/dont-use-your-antivirus-browser-extensions-they-can-actually-make-you-less-safe/ Also see : http://tech.firstpost.com/news-analysis/ex-mozilla-firefox-developer-says-anti-virus-software-does-more-harm-than-good-359798.html You're best off with just using Windows built-in Defender and maybe let [https://www.malwarebytes.com/ malwarebytes] run a scan once a month. But that is totally up to you, of course.
Ingabe lokhu kube usizo kuwena? 0
Isicaphuno

Umnikazi wombuzo

Thanks for your suggestions, but I trust Microsoft products less than I trust anything else, especially after they tried to foist Windows 10 Nagware onto my machine under the guise of a "Critical Update"!

Thanks for your suggestions, but I trust Microsoft products less than I trust anything else, especially after they tried to foist Windows 10 Nagware onto my machine under the guise of a "Critical Update"!
Ingabe lokhu kube usizo kuwena?
Isicaphuno
McCoy
  • Top 10 Contributor
545 izisombululo 5141 izimpendulo
Kuphostiwe

graham12 said

Thanks for your suggestions, but I trust Microsoft products less than I trust anything else, especially after they tried to foist Windows 10 Nagware onto my machine under the guise of a "Critical Update"!

And that's when I hear alarm bells ringing .....

Would you please tell us more about this "Critical Update Nagware" ?

Was this about a fake Firefox update, Adobe Flash, or something else ?

''graham12 [[#answer-1254764|said]]'' <blockquote> Thanks for your suggestions, but I trust Microsoft products less than I trust anything else, especially after they tried to foist Windows 10 Nagware onto my machine under the guise of a "Critical Update"! </blockquote> And that's when I hear alarm bells ringing ..... Would you please tell us more about this "Critical Update Nagware" ? Was this about a fake Firefox update, Adobe Flash, or something else ?
Ingabe lokhu kube usizo kuwena? 0
Isicaphuno
FredMcD
  • Top 10 Contributor
4259 izisombululo 59635 izimpendulo
Kuphostiwe

Impendulo Ewusizo

It's been a long time since anyone asked about that.

https://www.bing.com/search?q=GWX.exe&pc=MOZI&form=MOZSBR

It's been a long time since anyone asked about that. https://www.bing.com/search?q=GWX.exe&pc=MOZI&form=MOZSBR
Ingabe lokhu kube usizo kuwena? 1
Isicaphuno

Umnikazi wombuzo

McCoy said

Would you please tell us more about this "Critical Update Nagware" ?

What FredMcD said.

Here's another take on what a stupid and short-sighted act this was on Microsoft's part: https://www.pcworld.com/article/3075729/fearing-forced-windows-10-upgrades-users-are-disabling-critical-updates-at-their-own-risk.html

Even before that, I would always check what each Windows Update actually did instead of blindly installing it.

PS recent Windows Updates are now starting to push "We're no longer supporting Windows 7, update to Windows 10 nagware..."

"This nag message arrives as part of KB4493132, an update that will be automatically installed by Windows Update if your PC has automatic updates enabled."

https://www.howtogeek.com/408556/how-to-avoid-windows-7s-end-of-support-nags/

''McCoy [[#answer-1254767|said]]'' <blockquote> Would you please tell us more about this "Critical Update Nagware" ? </blockquote> What FredMcD said. Here's another take on what a stupid and short-sighted act this was on Microsoft's part: https://www.pcworld.com/article/3075729/fearing-forced-windows-10-upgrades-users-are-disabling-critical-updates-at-their-own-risk.html Even before that, I would always check what each Windows Update actually did instead of blindly installing it. PS recent Windows Updates are now starting to push "We're no longer supporting Windows 7, update to Windows 10 nagware..." "This nag message arrives as part of KB4493132, an update that will be automatically installed by Windows Update if your PC has automatic updates enabled." https://www.howtogeek.com/408556/how-to-avoid-windows-7s-end-of-support-nags/
Ingabe lokhu kube usizo kuwena?
Isicaphuno
McCoy
  • Top 10 Contributor
545 izisombululo 5141 izimpendulo
Kuphostiwe

Those are upgrade nags though, not update nags ....

And you're right : shouldn't happen.

Also see :

https://www.ghacks.net/2019/01/15/better-check-your-windows-7-pc-for-get-windows-10-gwx-traces/

I'm just glad that you weren't seeing "Critical Update nags" related to Firefox !

Those are upgrade nags though, not update nags .... And you're right : shouldn't happen. Also see : https://www.ghacks.net/2019/01/15/better-check-your-windows-7-pc-for-get-windows-10-gwx-traces/ I'm just glad that you weren't seeing "Critical Update nags" related to Firefox !
Ingabe lokhu kube usizo kuwena? 0
Isicaphuno
Buza umbuzo

Kufanele ulogele ukungena ku-akhawunti yakho ukuze uphendule amaphosti. Uyacelwauqale umbuzo omusha, uma ungekabi nayo i-akhawunti namanje.