Does Firefox domain names include https://click.e.mozilla.org/ or [email protected] or have I encountered a scam?
Received an email and while official looking the embedded links seem fishy to me but I cannot be certain if they are valid Firefox domain names. The email does include valid looking logos and looks official enough stating "We are updating the Firefox Services Legal Terms and Privacy Notice.". The return email is [email protected] and all of the links contain https://click.e.mozilla.org/ where the "click." part seems fishy to me as this is more common with spam and Trojans and I would not think that Firefox would use it knowing that. Of coarse I have not visited or clicked on anything in the email as [to me] it is suspicious. I am enclosing an image of a screenshot of the email [note it is just the top part of the email since the real issue is the link references]. If it is valid then I wish to know so I am aware of the valid domain names,... and if it is NOT then I want to know how and who to report it to [who can I forward it to, to help defeat those who sent it]...
Gewysig op
All Replies (7)
You may have signed up for the Mozilla Newsletter (and forgot ? )
Gewysig op
- NOTE I update this as I was wrong. This site is part of Mozilla. Does not need reporting.
Site is owned/registered by Mozilla but is used by a company called ExactTarget, Inc.
I am totally shocked at the phrasing of the email. The redirection of the url when get to the page.
I would not consider this safe even after looking it up in the WHois.
VirusTotal https://www.virustotal.com/#/home/url scanned the url and it came back clean but what's behind that I do not want to try.
You can report that here : https://www.mozilla.org/en-US/about/legal/fraud-report/
Many ways to figure out where it came from and report it but none are easy and all are time consuming.
If you get the full headers of the email then can get a free account at spamcop.net and then past headers and body into the report....
If live in the USA or if your server is in the USA then can report to https://www.usa.gov/online-safety#item-37272 If live in another country need to google "report phishing gov spain" as a example.
Note that the numerical address in the email is most likely spoofed.
you need the ISP address in numerical first ie 233.234.14 You can get a whois extension or google whois and find one that gives you the information not how much to buy a website for. The information will have the numerical address range ie 233.234.14 -- XXX.XXX.XXX will also have a abuse address, or get the number and do below and report to more places maybe....
You can go to one of the internet authorities in charge of ISP blocks for regions of the world once have a numerical address that is not spoofed. Arin.net Apnic Ripe and more (some are .org but most are .net)
Those are the ways. Spamcop is fastest way to report your spam and if make a 15buck donation will last you well over a year or 2 or 3.
Please let us know if this solved your issue or if need further assistance.
Gewysig op
If I use the Network Monitor then I see this IP: 198.245.89.107:443
Anything *.mozilla.org is genuine as only Mozilla has control of mozilla.org as you can see a example list at https://wiki.mozilla.org/Over_100_domains
The [email protected] is used for say https://wiki.mozilla.org/Newsletters from Mozilla. Maybe you signed up on a page like https://www.mozilla.org/newsletter/ or https://www.mozilla.org/contribute/friends/ or https://www.mozilla.org/en-US/newsletter/firefox/. Or for example if you applied for something like in https://asadotzler.com/2014/04/01/tablet-contribution-program-application-results/
Some of these emails can mention articles on https://blog.mozilla.org/
It is interesting that so many people can think a email from *.mozilla.org domain can be fake as you are certainly not the first I have seen to ask about the @e.mozilla.org emails.
the [email protected] emails are from a vendor ExactTarget.
from Bug 770288 - Mozilla emails being marked as scam
We use Exact Target for all marketing communication to community and more than 7 million Firefox & You subscribers.
They are not fake or a scam and should not be reported to get blocked as suggested by Pkshadow.
btw Firefox is the name of the web browser (third one as it was Firebird and Phoenix before) as Mozilla is the company that makes Firefox.
Gewysig op
In addition to the above :
See my first post ......
This 'click.e.mozilla' should lead you to articles like these :
Happy112 said
You may have signed up for the Mozilla Newsletter (and forgot ? ) See : https://www.mozilla.org/en-US/newsletter/
Nope, signing up on this forum is the first Mozilla Firefox thing I have done since I got my new computer last year.
James said
Anything *.mozilla.org is genuine as only Mozilla has control of mozilla.org as you can see a example list at https://wiki.mozilla.org/Over_100_domains The [email protected] is used for say https://wiki.mozilla.org/Newsletters from Mozilla. Maybe you signed up on a page like https://www.mozilla.org/newsletter/ or https://www.mozilla.org/contribute/friends/ or https://www.mozilla.org/en-US/newsletter/firefox/. Or for example if you applied for something like in https://asadotzler.com/2014/04/01/tablet-contribution-program-application-results/ Some of these emails can mention articles on https://blog.mozilla.org/ It is interesting that so many people can think a email from *.mozilla.org domain can be fake as you are certainly not the first I have seen to ask about the @e.mozilla.org emails. the [email protected] emails are from a vendor ExactTarget. from Bug 770288 - Mozilla emails being marked as scamWe use Exact Target for all marketing communication to community and more than 7 million Firefox & You subscribers.They are not fake or a scam and should not be reported to get blocked as suggested by Pkshadow.
btw Firefox is the name of the web browser (third one as it was Firebird and Phoenix before) as Mozilla is the company that makes Firefox.
Nope, signing up on this forum is the first Mozilla Firefox thing I have done since I got my new computer last year.
If they sent it to me it was of their own accord without interaction from me since last year. Setting up my computer was the last time I had to deal with a Firefox sign in.
Also, in that list at https://wiki.mozilla.org/Over_100_domains with a page search I did not find the word "click.", although I can easily imagine their list not being complete as it seems quite disorganized to have so very many seemingly random domain names, I suppose they could have missed it. It really makes it all quite ambiguous, it is not surprising they would have had issues with mail being marked as spam.
So if they actually changed their policy [as the email states] and are notifying everyone then I can imagine receiving the email, but if not everyone else got it then I find that suspicious, so my next question would be has everyone else received this notification? Did YOU receive it?
Gewysig op