Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Security Breach -- realitychance.com

more options

I got a phishing e-mail on my mail.yahoo.com webmail interface. I deleted it but immediately received the following warning from Bitdefender:

Suspicious connection blocked 8 minutes ago

Feature: Online Threat Prevention

firefox.exe attempted to establish a connection relying on an untrusted certificate to realitychance.com. We blocked the connection to keep your data safe since untrusted certificates are issued by unrecognized Certificate Authorities.

Kinda weird that an e-mail where I didn't click any link is still able to manipulate my browser like that!

I got a phishing e-mail on my mail.yahoo.com webmail interface. I deleted it but immediately received the following warning from Bitdefender: Suspicious connection blocked 8 minutes ago Feature: Online Threat Prevention firefox.exe attempted to establish a connection relying on an untrusted certificate to realitychance.com. We blocked the connection to keep your data safe since untrusted certificates are issued by unrecognized Certificate Authorities. Kinda weird that an e-mail where I didn't click any link is still able to manipulate my browser like that!

All Replies (2)

more options

No infection was detected by Bitdefender or Windows Security. It's the ATTEMPT that concerns me.

more options

If the certificate was not valid, then Firefox wouldn't have loaded the content, either. I'm not sure Bitdefender made a difference in this case.

But why was there a request in the first place? I have a thought:

Does your email immediately show embedded images in a message preview? Images embedded in messages (or other web pages) need to be requested from the server, and can trigger that kind of block.