Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox reports Mozilla Phishing Report page as Potential Security Risk

  • 16 replies
  • 1 has this problem
  • 2 views
  • Last reply by McCoy

more options

I just received a "Password Reset Notification" e-mail that looked very scammy,

I right clicked on the link to select "Report Phishing Scam, but when Firefox was going to open the Mozilla Phishing report page, I got "Warning, potential security risk ahead"

I think there's a problem somewhere...!

I just received a "Password Reset Notification" e-mail that looked very scammy, I right clicked on the link to select "Report Phishing Scam, but when Firefox was going to open the Mozilla Phishing report page, I got "Warning, potential security risk ahead" I think there's a problem somewhere...!
Attached screenshots

All Replies (16)

more options

PS I'm using Thunderbird 60.9.0 32 bit as my mail client

Also, when I clicked on Advanced in Firefox I got:

Web sites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for en-gb.phish-report.mozilla.com. The certificate is only valid for aus2.mozilla.org.

Error code: SSL_ERROR_BAD_CERT_DOMAIN

View Certificate

Modified by graham12

more options

The notice you got was a SCAM.

. Whenever you get a message / popup like that;

DO NOT USE ANY OF THE PROVIDED LINKS OR ANY PHONE NUMBERS ! !

Such messages are only Spam that could lead you to Fake Support. Not only can they damage or hack your system, they charge you to do so.

You can report such a site at; Google Report Phishing Page {web link} which is the same when done while on site by going to Help > Report Web Forgery

Help us safeguard Mozilla’s trademarks by reporting misuse {web link}

more options

When you get such notices, check the links in the message. If they do not go back to whoever the message claims to be from . . . . . . SCAM ! ! !

more options

I think you've misunderstood what I was saying.

Yes, I know it was a scam, that was why I was trying to use Thunderbird's Report E-mail Scam feature.

But Firefox was tell me that Mozilla's Phishing report page was a "Potential Security Risk" because of a mis-matched security certificate!

more options

Ahh. I see. What is the link that was flagged as bad? I am calling a moderator.

more options

The scam URL was https://storage.gxxgleapis.com/asharepoint-histography-105721396/index.html (I've replaced the oo in google with xx)

The link that comes up when I right click on the link and select "Report Email Scam" in Thunderbird is https://en-gb.phish-report.mozilla.com/?hl=en-GB&url=https%3A%2F%2Fstorage.googleapis.com%2Fasharepoint-histography-105721396%2Findex.html

The second link is the one that Firefox flags as a Potential Security Risk.

more options

Thanks for the links.

more options

graham12 said

The link that comes up when I right click on the link and select "Report Email Scam" in Thunderbird is https://en-gb.phish-report.mozilla.com/?hl=en-GB&url=https%3A%2F%2Fstorage.googleapis.com%2Fasharepoint-histography-105721396%2Findex.html
The second link is the one that Firefox flags as a Potential Security Risk.

That link takes me to the correct "Report a Suspected Web Forgery" page.

About ten hours ago, when I entered the link that shows in your screenshot, it indeed took me to the "Potential Security Risk" warning; now it redirects me to :

https://www.mozilla.org/en-US/

more options

graham12 said

The scam URL was https://storage.gxxgleapis.com/asharepoint-histography-105721396/index.html (I've replaced the oo in google with xx)

I did some searching and found out that this may have put some more malware on your device, so would you please do this :

Go to the Firefox menu (≡) => Options => Add-ons => Extensions and remove anything that looks unfamiliar or suspicious.

Do the same in Windows Control Panel => Programs.

Next step is to run malwarescans - further information can be found in this article :

https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no

Run most or all of the listed malware scanners. They all work differently - what one program doesn't pick up, the other might.

Also see : https://malwarefixes.com/threats/storage-googleapis-com/

And : https://howtoremove.guide/remove-storage-googleapis-com-virus/



You may also want to inform your email provider about this site.

more options

There's nothing on Firefox Extensions or Windows > Programs that I haven't installed myself.

Also I run eg NoScript, Avira and Zone Alarm (amongst others) and don't click on unknown links or install software from untrusted sources.

I've just tried going back to the original scam e-mail, right-clicking on the link and trying the "Report Email Scam" feature again and this time it worked ok and takes me to https://safebrowsing.google.com/safebrowsing/report_phish/?tpl=mozilla&hl=en-GB&url=https%3A%2F%2Fstorage.googleapis.com%2Fasharepoint-histography-105721396%2Findex.html

So whatever the issue is, it appears to have been resolved.

more options

Asking you to see if there was anything suspicious in Options => Extensions and in Windows Control Panel was just to make sure.

I'm glad that the problem seems to be solved; seeing that your second link now went to the correct pages, kind of made me think it would be.

But (just to be on the safe side and as a precaution) : would you run a malwarescan please  ? Maybe let Windows Defender run a full scan ?

(better safe than sorry .... )



You mention having other security software installed, but I'm a bit sceptical about that, and here's why :

https://www.howtogeek.com/239950/dont-use-your-antivirus-browser-extensions-they-can-actually-make-you-less-safe/

Also see :

http://tech.firstpost.com/news-analysis/ex-mozilla-firefox-developer-says-anti-virus-software-does-more-harm-than-good-359798.html

You're best off with just using Windows built-in Defender and maybe let malwarebytes run a scan once a month. But that is totally up to you, of course.

more options

Thanks for your suggestions, but I trust Microsoft products less than I trust anything else, especially after they tried to foist Windows 10 Nagware onto my machine under the guise of a "Critical Update"!

more options

graham12 said

Thanks for your suggestions, but I trust Microsoft products less than I trust anything else, especially after they tried to foist Windows 10 Nagware onto my machine under the guise of a "Critical Update"!

And that's when I hear alarm bells ringing .....

Would you please tell us more about this "Critical Update Nagware" ?

Was this about a fake Firefox update, Adobe Flash, or something else ?

more options

It's been a long time since anyone asked about that.

https://www.bing.com/search?q=GWX.exe&pc=MOZI&form=MOZSBR

more options

McCoy said

Would you please tell us more about this "Critical Update Nagware" ?

What FredMcD said.

Here's another take on what a stupid and short-sighted act this was on Microsoft's part: https://www.pcworld.com/article/3075729/fearing-forced-windows-10-upgrades-users-are-disabling-critical-updates-at-their-own-risk.html

Even before that, I would always check what each Windows Update actually did instead of blindly installing it.

PS recent Windows Updates are now starting to push "We're no longer supporting Windows 7, update to Windows 10 nagware..."

"This nag message arrives as part of KB4493132, an update that will be automatically installed by Windows Update if your PC has automatic updates enabled."

https://www.howtogeek.com/408556/how-to-avoid-windows-7s-end-of-support-nags/

more options

Those are upgrade nags though, not update nags ....

And you're right : shouldn't happen.

Also see :

https://www.ghacks.net/2019/01/15/better-check-your-windows-7-pc-for-get-windows-10-gwx-traces/

I'm just glad that you weren't seeing "Critical Update nags" related to Firefox !