Home » Emerging Threats » Beware Brand New Phishing Scam In The Wild

Beware Brand New Phishing Scam In The Wild

  • Pin It
  • Pin It

AVG (AU/NZ) would like to inform its customers and visitors of a new scam doing the rounds. In the coming days, you may receive an email, supposedly from Mozilla Firefox, advertising an upgrade to Firefox 8:

This is a particularly clever email, designed specifically to build a rapport with you by trading on the brand trust that you associate with Firefox and Facebook. We call this “Spear Phishing”, that is, a targeted phishing scam directed specifically at users of Firefox and/or Facebook (there’s no shortage of those!). Don’t be fooled though – Firefox will never advertise updates this way. Take a closer look at the sender:



Smells fishy, doesn’t it?

If you receive this email, DO NOT click on the Get It Now link – this will link directly to an infected executable file firefox-8.0.1.exe. If you’re lucky, your Internet Security provider will recognise a threat, but if not you’re in for a surprise. Fortunately for us, and for customers of AVG Internet Security, the Online Shield component of AVG’s Linkscanner software detects this threat:

AVG has blocked this threat at the network layer, which means it hasn’t even had a chance to touch the file system of your computer. Other solutions that rely on kernel scanning may not have been as effective.

Unfortunately however, even the best Internet Security products can’t be effective 100% of the time. These scams are all too common, especially around this time of year when businesses and consumers are at their most internet active.  This case teaches us to:

1. Be wary of unsolicited emails. Particularly, set your own software update schedules and do not depend on email.

2. If you’re not sure about what is being offered in an email, always check the sender before you click on any links. In this case, the sender is clearly not Mozilla. Learn more about how to protect yourself from similar scams here.

3. Make sure you have a full Internet Security suite. This email is particularly nasty in that the infected payload is not being delivered by attachment – it is being delivered via hyperlink to your email client. Traditional Anti-Virus software will not be sufficient – you need a full Internet Security suite with Anti-Spam, Anti-Phishing and Linkscanner components.

If you have received this email overnight or it lands in your inbox in the coming days, delete it immediately, and help us spread the word via your social networks.



Is this worth sharing?
If you think this information would help keep others safe online, please share: