Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Urget Firefox Update Scam?

  • 4 replies
  • 15 have this problem
  • 2 views
  • Last reply by marie15

more options

occasionally when i open a new tab i see an orange page that says "urgent firefox update" with a green download button. i dont need to press the button in order for an exe file to come up. the link is here: https://oophomyperfectsale.net/1153088196469/611d35826f6d41941fbd82bde54dd408.html obviously it's not legitimate. i couldn't find anywhere else to report this problem. i learned on another website that these pop up from ads on legitimate pages.

occasionally when i open a new tab i see an orange page that says "urgent firefox update" with a green download button. i dont need to press the button in order for an exe file to come up. the link is here: https://oophomyperfectsale.net/1153088196469/611d35826f6d41941fbd82bde54dd408.html obviously it's not legitimate. i couldn't find anywhere else to report this problem. i learned on another website that these pop up from ads on legitimate pages.

All Replies (4)

more options

Use Help > Report Web Forgery ... to report fake update messages such as that. Doing that way is the fastest way to get that page blocked thru the SafeBrowsing system.

This is the page you'll be taken to: https://www.google.com/safebrowsing/report_phish/

But when you do it the URL will be automatically completed, so click "I'm not a robot." and add a comment before submitting that report.

I just reported that site myself.

more options

No it is not legit.

The fake patch/update exe can install things like trojans, viruses or unwanted software based on past reports.

The desktop Firefox is not just for Windows as it is for Mac OSX and Linux also so .exe would not be an effective way to send out Firefox updates. The updates are done internally in Firefox (with a .mar type of file) or by download from mozilla.org like say www.mozilla.org/firefox/all/

Even if Mozilla were to use .exe for Firefox updates on Windows, they would be serving them from a *.mozilla.org url and not from random websites with weird names.

Report fake Firefox updates sites like this as "distributing modified Firefox/malware" at https://www.mozilla.org/legal/fraud-report/ (url is at bottom of many mozilla.org sites) and Google may block if reported enough at https://www.google.com/safebrowsing/report_phish/ which can be accessed by Help > Report Web Forgery in Firefox.

Also could be reported as spam abuse at say http://publicdomainregistry.com/report-abuse-2/ since they have been the Registrar of these fake Firefox updates scam sites.

I have a thread about these sites serving a fake firefox update/patch .exe at https://support.mozilla.org/en-US/forums/contributors/712056

more options

Help! What should I do if I DID download a scam .exe update? I get that one should never download suspicious updates, but what if, in a thoughtless moment, it happens? I clicked the download button on this screen: https://mithusitenizolsun.org/9911270710726/97e9bea2a2e9d28974a733267e3aff84.html

then realized it was a scam.  I can't find any information on what to do when this mistake has been made.  What should I do now?

Modified by jesminesa

more options

jesminesa said

Help! What should I do if I DID download a scam .exe update? I get that one should never download suspicious updates, but what if, in a thoughtless moment, it happens? I clicked the download button then realized it was a scam. I can't find any information on what to do when this mistake has been made. What should I do now?

Hi jesminesa, I am just an average user and can't provide expert advice, but I had one download without clicking once, and my Kaspersky Total Security caught it immediately warning me Dangerous Object. Do you have antivirus /internet security software ? It should allow you to do similar things. My security software said that the exploit had downloaded into the hidden AppData folder in my user, in subfolder Local and subsubfolder Temp. My security software had automatically and instantly quarantined it upon download. I was able to then go into the security software to look at reports and quarantine and had it delete the object. Then I did a Quick Scan which focuses on commonly infected areas and when that was negative, a Full Scan and found no more threats.