Original URL: http://www.theregister.co.uk/2011/08/09/fake_firefox_update_scam/

Fake Firefox update bundles Trojan add-on

Spam emails try basic ruse in attempt to fool the clueless

By John Leyden

Posted in Security, 9th August 2011 10:06 GMT

Scammers are attempting to trick Firefox users into downloading backdoored software via spam emails that supposedly advertise an "update" to the open-source browser.

A run of spam emails circulating over the weekend all include links to a download that bundles together a Mozilla Firefox 5.0.1 installer and a password-stealing Trojan horse. As a social engineering ruse it is about as subtle as a brick in the head, but there just may be enough credulous users out there to make the scam work. In reality, Firefox automatically updates itself, a point scammers obviously hope prospective marks do not know.

Scams of this type first punted Microsoft security updates but, over time, they have diversified to embrace a wider range of targets.

Net security firm Sophos detects the malware punted via the fake Firefox attack as Troj-PWS-BSF. It also detects the browser/malware bundle. Other vendors can be expected to follow suit.

A write-up of the scam, complete with extracts of the offending email, can be found in a blog post by Sophos here. ®