Posted by: reformedmusings | September 2, 2008

Scam Alert targeting Firefox!!!

This is sick. There’s a fraudulent Russian website called 2008Firefox (I will not link to it) that charges you money (up to $80 by one account) for a non-existent product called Mozilla Firefox 2008. They even “offer” a bogus 3-year warranty and 24/7 support! The site uses the Firefox logos and has slick graphics, but it’s a complete scam. They are not associated with Mozilla or Firefox in any way. There is no Firefox 2008 and the REAL FIREFOX IS FREE!!!!!!

Also remember that these sites can install malware (virii, worms, Trojan horses, keyboard loggers, etc.) on your Windows computer if you visit them and steal your personal/financial information, especially if you are using Internet Explorer. Don’t go there out of curiosity.

The correct source for Firefox is Mozilla’s website. Support is free at Mozillazine. Please to not be duped by this Russian scam.

UPDATE: I have learned that there are a number of different scam websites with different addresses but seem to have Firefox 2008 or Google Earth in common. All want you to “join” for extended support. If you have been defrauded by one of these sites, notify your credit card company immediately! There’s even one at a firefox2 address which doesn’t charge money but, although the download link appears to be from Mozilla when you mouse over it, the actual download url in the file download box is in the Netherlands. Most likely the download there contains some nasty malware. There’s no end to these scam and malware permutations.

There are sites like that for almost any popular product you can imagine, including Windows, MS Office, Nero, etc. Individuals who fall for these scams usually only figure out what happened after their software fails to validate or the company refuses to give them an upgrade price for an invalid serial number. Remember, if something seems too good to be true (e.g., Windows or Nero for $25), it’s a scam 99% of the time. Only go to known company websites, check for the correct company URLs in your address bar, and check website credentials if they want money. Never us a debit card online. Only support open source or shareware authors with donations through their own home pages. Beware of sites that have download links to pages called “join.asp” or something similar. The 2008firefox site has at least 7 links on its page to join.asp. Membership-type scams are set up to regularly (usually monthly) suck money from your credit card. Once you’ve given your card number to a site like this, it’s best to cancel it and get a new card while working with the fraud department at your bank.

Another good technique is to check domains before sending money with a whois tool like http://whois.domaintools.com/. These will tell you who owns a domain and where the server is located. for the 2008firefox site, it says:

Domain name: 2008firefox.com

Name servers:
ns1.nameself.com
ns2.nameself.com

Registrar: RegTime.net Limited
Creation date: 2008-02-11
Expiration date: 2009-02-11

Registrant:
Evgeny I Viktorov
Email: 
Organization: Private person
Address: Moscow, Izmailovo
City: Moscow, Izmailovo
State: Moscow, Izmailovo
ZIP: 158471
Country: RU
Phone: +7.4955123456
Fax:
Administrative Contact:
Evgeny I Viktorov
Email: 
Organization: Private person
Address: Moscow, Izmailovo
City: Moscow, Izmailovo
State: Moscow, Izmailovo
ZIP: 158471
Country: RU
Phone: +7.4955123456
Fax:
Technical Contact:
Evgeny I Viktorov
Email: 

Organization: Private person
Address: Moscow, Izmailovo
City: Moscow, Izmailovo
State: Moscow, Izmailovo
ZIP: 158471
Country: RU
Phone: +7.4955123456
Fax:
Billing Contact:
Evgeny I Viktorov
Email: 
Organization: Private person
Address: Moscow, Izmailovo
City: Moscow, Izmailovo
State: Moscow, Izmailovo
ZIP: 158471
Country: RU
Phone: +7.4955123456
Fax:

Note the short-time registration (one year) which is typical for scam sites. Legitimate companies keep reserve their domains for at least 5 years. Also note carefully the top of the screen:

Registrant Search: “Evgeny I Viktorov” owns about 70 other domains
Email Search: is associated with about 84 domains

The large number of domains associated with an owner (other than a proxy company) and especially an email is a dead giveaway of a spammer or scam artist. This additional information is the reason that I like this particular whois site.

In general, domains in Russia, Eastern Europe, China, India, Pakistan, Africa, etc., are all suspect as these are preferred by malware distributors and scammers due to the lax or non-existent law enforcement in these places. There are good and legitimate companies in Russia, Eastern Europe, and China, but they have their own software and their own dedicated websites.

This is rich…I just noticed this statement at the bottom of the scam site’s page:

This website has no affiliation whatsoever with the owner of this software program, and provides ONLY a link to the software program.

That’s an understatement and should provide an important clue. Caveat Emptor!

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: