Spam Mails Masquerading as Firefox Update Deliver Trojan
Security investigators at Security Company Sophos caution that bogus e-mails posing as notifications for Firefox update are circulating online while taking recipients onto a Trojan virus that steals passwords. SoftPedia reported this on August 8, 2011.
Essentially, the spam mails masquerade as an advisory regarding one fresh version of the widely used browser namely Firefox.
Displaying the subject line "New version released," the e-mails spoof the sender's address such that they seem to originate from one @firefox.com e-mail id.
These e-mails, according to Sophos, note that an update for Firefox software can be downloaded fast in tiny portions of fresh program for an end-user's already-installed Firefox Web-browser. The portions may have security patches alternatively slight alterations of other kinds for the browser for making sure the user is running the most advanced edition available for Firefox, the e-mails continue.
Furthermore, there's a continuous evolution of Firefox since the community for the browser keeps discovering methods for improving it, making adjustments whenever new security threats emerge. Significantly, maintaining an up-to-date Firefox ensures that one is utilizing the fastest, sharpest as also most secured edition of Firefox obtainable.
In addition, running an update for Firefox won't alter the user's passwords, bookmarks, alternatively any other settings though a few of the user's Add-ons mayn't instantly adapt to fresh updates.
Finally, the e-mails make a recommendation that recipients require clicking a given web-link for installing the Firefox update, although the link clearly doesn't produce the mozilla.com site.
Senior Security Consultant Graham Cluley of Sophos said that unsurprisingly, the web-link led onto an executable that was packed with an installer vis-à-vis a Trojan for stealing passwords, and Mozilla Firefox 5.0.1. Technology published this on August 8, 2011.
Sophos identified that the Trojan was Troj/PWS-BSF.
Meanwhile, Cluley further stated that one must know that Mozilla never dispatched Firefox update notices through electronic mail. In fact, for Firefox 5 and other later versions, the browser automatically became up-to-date devoid of any user-interaction, he added.
Eventually, security specialists urge users that they mustn't click web-links alternatively open attachments within uninvited e-mails while also keep in mind that Firefox automatically revises to its latest version.
Related article: Spam Scam Bags a Scottish Connection
» SPAMfighter News - 16-08-2011