Mozilla Warns of Phishing Campaign Targeting Firefox Add-On Developers

Mozilla has warned that an active phishing campaign directed at the developer community building add-ons for Firefox is in full swing, and urges people to take precautions. 

Phishing campaigns directed at developers are nothing new. Attackers know that if they can compromise even a few accounts of developers working on third-party Firefox add-ons, for example, it will give them the opportunity to push malware onto countless unsuspecting users. 

Phishing remains a primary method of capturing credentials. It’s easy to imagine that developers are savvy enough to avoid such a trap, but cybercriminals know how to build compelling emails or messages to look like they come from official sources. 

The situation likely became severe enough for Mozilla to issue an official statement. 

“The developer community should be aware we’ve detected a phishing campaign targeting AMO (addons.mozilla.org) accounts,” said the organization. “Add-on developers should exercise extreme caution and scrutiny when receiving emails claiming to be from Mozilla/AMO. Phishing emails typically state some variation of the message ‘Your Mozilla Add-ons account requires an update to continue accessing developer features.’"

The hook

All phishing campaigns rely on a couple of key types of messages. Criminals will either promise rewards or make threats, implying some imaginary urgency. 

In this phishing campaign, developers are warned that they might lose access to certain features, which might be enough for some to spring into action and click on the malicious link. 

In all likelihood, the target will click on the link and get redirected to a portal that looks very much like the real thing. Entering the credentials won’t work, of course, but it’s too late by that time. 

Mozilla has advised developers to follow a few strict rules:

• Don’t click on links in emails.
• Verify the email was sent by a Mozilla-owned domain: firefox.com, mozilla.com, mozilla.org, mozillafoundation.org.
• Validate that links in the email point to firefox.com, mozilla.com, mozilla.org, mozillafoundation.org. Better yet, users should enter the address manually in the browser and never rely on the provided links.

Ideally, users should also always use a security solution, such as Bitdefender Ultimate, that can detect phishing attempts and warn potential victims that they’re being targeted.