Fake Firefox update notice. Click for a larger version. Note the address bar does not include the word Mozilla.
Don’t click on that critical Firefox update notice! It could be a scam. Someone could be pretending to be Mozilla to plant some malware on your computer. So how do you know?
Mozilla instructions for checking if Firefox is up to date. Click for a larger version. Note the word Mozilla in the address bar.
I was surfing pet care sites this morning and I got a popup window telling me I needed a “critical Firefox update” to keep my computer secure. There was a handy “Download Now” button. I was suspicious. Why? First, I have my preferences set to update Firefox automatically. The popup window looked official but it wasn’t the kind of notification Firefox gives me to notify me of an update. Second, I checked the address bar at the top of the popup window and it looked nothing like the real Mozilla address bar. The word Mozilla wasn’t even in the address bar. You can see two examples of legit Mozilla address bars at the top left of the two screen captures from Mozilla that are immediately above and below this paragraph. The address bars in the screen captures of the fake notices in this article do not include the word Mozilla. When you are at the real Mozilla site you will always see “mozilla.org/” as part of the address/URL. Third, it is generally unwise to click on any links in unexpected popup windows, especially if they are unrelated to the site you are on. So I closed the popup window.
Confirmation that my version of Firefox is up to date. Click for a larger version. Note the word Mozilla in the address bar.
I went to the Firefox menu and checked the update status. Sure enough, I was up to date. That means the popup window was a fake, despite the authentic looking Firefox logo. Heaven only knows what kind of nasty software would have been uploaded to my computer had I clicked on the link and downloaded the software.
Some fake web sites will include part of the real site’s web address to fool you, but there will be extra letters inserted. If you see extra letters between mozilla and org (like “mozilla.cr.org/”) you should be suspicious. CNET always has “cnet.com/” as part of the address for every page on the site. If you see extra letters after “.com” but before the first backslash (like “cnet.com.co/”) something is wrong. When in doubt, close the window and go directly to the real site.
Fake Firefox update notice. Click for a larger version. Note the address bar does not include the word Mozilla.
There are a variety of fake notices out there and some of them look quite different from the one at the top of this article.
So be very careful about clicking on links in unexpected popup windows, no matter how official they look. As a general rule you should not click on links in any popup window. It has just become too dangerous. Go directly to the safe web site of your choice (Mozilla, Microsoft, Apple, CNET, or wherever) and look for whatever updates or software or apps you are looking for.
It is important for your own online security to keep Firefox up to date. To manually update Firefox or check if your version of Firefox is up to date, follow the instructions here.
Links
Mozilla on fake Firefox updates
Update Firefox to the Latest Version
How to use the “Advanced Panel” to set your Firefox Preferences, including updates
Mozilla Support – Home Page