Security specialist Sophos reports that it has discovered new spam email messages that claim to be an advisory related to an update to the open source Firefox web browser. The fake advisory asks users to update their Firefox installations, “for security reasons”, and includes a download link to the supposed update.
According to Graham Cluley of Sophos, the download leads to an executable file that bundles an installer for the Windows version of Firefox 5.0.1 and a password-stealing trojan (Troj/PWS-BSF). As noted by Cluley, users should always exercise caution when clicking on links in emails.
Users can download the latest stable version of Firefox directly from the Mozilla project. Alternatively, users can upgrade to the new versions either by waiting for the automated update notification or by manually selecting “Check for updates” from the Help Menu.
will be on the look out for it . thanks for the warning , I never click on links in emails unless I am, 100 % sure of the sender; I may even send a mail to have it verified. One of my friends we send a note that has a saying in it to verify it on the spot I suggest every one do that, just some saying that you both know.
there’s a lot of that going around. i just received an email from ‘amazon’ about a dispute to a charge i made there. when i clicked on the properties of the email i found it was from “mrgoogle” and was addressed to ‘Family and Friends’, which is what tipped me off in the first place. there was only a fax number, no email or phone number to send the info to. also, they wanted information i know amazon would already have, such as the dispute claim number LOL which was another tip off. folks need to be very careful what they’re clicking on and responding to. thanks for the warning about firefox.