A phishing campaign aimed at add-on developers has been uncovered, with attackers sending fake messages about account updates. Mozilla warns developers to exercise extreme caution with suspicious emails, advising against clicking on links. It's essential to verify that messages originate from official Mozilla domains like firefox.com or mozilla.org. Emails should also pass SPF, DKIM, and DMARC authentication checks. Developers are reminded that usernames and passwords should only be entered on official Mozilla sites and are encouraged to consult official sources for tips on recognizing phishing attempts.
The phishing emails contain typical phrases such as 'Your Mozilla Add-ons account requires an update to continue accessing developer features.' These fake messages are designed to trick developers into revealing their login details.
Mozilla advises extreme caution when dealing with suspicious emails and strongly advises against clicking on links in such messages.
Emails must pass SPF, DKIM, and DMARC verifications, and users can check this via their email provider's documentation to ensure legitimacy.
A crucial rule is that Mozilla usernames and passwords should only be entered on mozilla.org or firefox.com, emphasizing the danger of phishing attempts.
Collection
[
|
...
]