Firefox reports Mozilla Phishing Report page as Potential Security Risk
I just received a "Password Reset Notification" e-mail that looked very scammy,
I right clicked on the link to select "Report Phishing Scam, but when Firefox was going to open the Mozilla Phishing report page, I got "Warning, potential security risk ahead"
I think there's a problem somewhere...!
Wšykne wótegrona (16)
PS I'm using Thunderbird 60.9.0 32 bit as my mail client
Also, when I clicked on Advanced in Firefox I got:
Web sites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for en-gb.phish-report.mozilla.com. The certificate is only valid for aus2.mozilla.org.
Error code: SSL_ERROR_BAD_CERT_DOMAIN
View Certificate
Wót graham12
The notice you got was a SCAM.
. Whenever you get a message / popup like that;
DO NOT USE ANY OF THE PROVIDED LINKS OR ANY PHONE NUMBERS ! !
Such messages are only Spam that could lead you to Fake Support. Not only can they damage or hack your system, they charge you to do so.
You can report such a site at; Google Report Phishing Page {web link} which is the same when done while on site by going to Help > Report Web Forgery
Help us safeguard Mozilla’s trademarks by reporting misuse {web link}
When you get such notices, check the links in the message. If they do not go back to whoever the message claims to be from . . . . . . SCAM ! ! !
I think you've misunderstood what I was saying.
Yes, I know it was a scam, that was why I was trying to use Thunderbird's Report E-mail Scam feature.
But Firefox was tell me that Mozilla's Phishing report page was a "Potential Security Risk" because of a mis-matched security certificate!
Ahh. I see. What is the link that was flagged as bad? I am calling a moderator.
The scam URL was https://storage.gxxgleapis.com/asharepoint-histography-105721396/index.html (I've replaced the oo in google with xx)
The link that comes up when I right click on the link and select "Report Email Scam" in Thunderbird is https://en-gb.phish-report.mozilla.com/?hl=en-GB&url=https%3A%2F%2Fstorage.googleapis.com%2Fasharepoint-histography-105721396%2Findex.html
The second link is the one that Firefox flags as a Potential Security Risk.
Thanks for the links.
graham12 said
The link that comes up when I right click on the link and select "Report Email Scam" in Thunderbird is https://en-gb.phish-report.mozilla.com/?hl=en-GB&url=https%3A%2F%2Fstorage.googleapis.com%2Fasharepoint-histography-105721396%2Findex.html
The second link is the one that Firefox flags as a Potential Security Risk.
That link takes me to the correct "Report a Suspected Web Forgery" page.
About ten hours ago, when I entered the link that shows in your screenshot, it indeed took me to the "Potential Security Risk" warning; now it redirects me to :
graham12 said
The scam URL was https://storage.gxxgleapis.com/asharepoint-histography-105721396/index.html (I've replaced the oo in google with xx)
I did some searching and found out that this may have put some more malware on your device, so would you please do this :
Go to the Firefox menu (≡) => Options => Add-ons => Extensions and remove anything that looks unfamiliar or suspicious.
Do the same in Windows Control Panel => Programs.
Next step is to run malwarescans - further information can be found in this article :
https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no
Run most or all of the listed malware scanners. They all work differently - what one program doesn't pick up, the other might.
Also see : https://malwarefixes.com/threats/storage-googleapis-com/
And : https://howtoremove.guide/remove-storage-googleapis-com-virus/
You may also want to inform your email provider about this site.
There's nothing on Firefox Extensions or Windows > Programs that I haven't installed myself.
Also I run eg NoScript, Avira and Zone Alarm (amongst others) and don't click on unknown links or install software from untrusted sources.
I've just tried going back to the original scam e-mail, right-clicking on the link and trying the "Report Email Scam" feature again and this time it worked ok and takes me to https://safebrowsing.google.com/safebrowsing/report_phish/?tpl=mozilla&hl=en-GB&url=https%3A%2F%2Fstorage.googleapis.com%2Fasharepoint-histography-105721396%2Findex.html
So whatever the issue is, it appears to have been resolved.
Asking you to see if there was anything suspicious in Options => Extensions and in Windows Control Panel was just to make sure.
I'm glad that the problem seems to be solved; seeing that your second link now went to the correct pages, kind of made me think it would be.
But (just to be on the safe side and as a precaution) : would you run a malwarescan please ? Maybe let Windows Defender run a full scan ?
(better safe than sorry .... )
You mention having other security software installed, but I'm a bit sceptical about that, and here's why :
Also see :
You're best off with just using Windows built-in Defender and maybe let malwarebytes run a scan once a month. But that is totally up to you, of course.
Thanks for your suggestions, but I trust Microsoft products less than I trust anything else, especially after they tried to foist Windows 10 Nagware onto my machine under the guise of a "Critical Update"!
graham12 said
Thanks for your suggestions, but I trust Microsoft products less than I trust anything else, especially after they tried to foist Windows 10 Nagware onto my machine under the guise of a "Critical Update"!
And that's when I hear alarm bells ringing .....
Would you please tell us more about this "Critical Update Nagware" ?
Was this about a fake Firefox update, Adobe Flash, or something else ?
It's been a long time since anyone asked about that.
McCoy said
Would you please tell us more about this "Critical Update Nagware" ?
What FredMcD said.
Here's another take on what a stupid and short-sighted act this was on Microsoft's part: https://www.pcworld.com/article/3075729/fearing-forced-windows-10-upgrades-users-are-disabling-critical-updates-at-their-own-risk.html
Even before that, I would always check what each Windows Update actually did instead of blindly installing it.
PS recent Windows Updates are now starting to push "We're no longer supporting Windows 7, update to Windows 10 nagware..."
"This nag message arrives as part of KB4493132, an update that will be automatically installed by Windows Update if your PC has automatic updates enabled."
https://www.howtogeek.com/408556/how-to-avoid-windows-7s-end-of-support-nags/
Those are upgrade nags though, not update nags ....
And you're right : shouldn't happen.
Also see :
https://www.ghacks.net/2019/01/15/better-check-your-windows-7-pc-for-get-windows-10-gwx-traces/
I'm just glad that you weren't seeing "Critical Update nags" related to Firefox !