Helping Users Avoid Fraud Sites and Get the Real Firefox

A while back I posted on some of the various Firefox fraud schemes and deceptive sites that trick users into paying for Firefox or downloading malware branded as Firefox. The goal was to explain how we analyze these matters and discuss the tools available to address the problem.  Gerv recently posted on this as well – which was great.

What my last post on this subject didn’t do was talk about the specifics of particular cases. I can’t do that for a number of reasons – there are legal implications and in some cases what we say is constrained by law. However, we can do a better job of keeping those that submit reports informed, and a general update is long over-due, so here goes:

Over the past nine months, these are some of the activities we’ve undertaken in response to user reports we’ve received and activities we’ve discovered:

  • Asserted claims that caused 15 European (mostly German) sites to discontinue their deceptive practices involving Firefox and Thunderbird. These were the result of injunctions or cease and desist efforts (German courts have issued seven legal injunctions in response to our applications);
  • Reviewed more than 4,300 sites;
  • Reported a host of sites to regional consumer protection agencies;
  • Recovered 50 or so domains that were engaged in questionable activities (i.e. subscription traps or distributing malware);
  • Caused 122 US sites to discontinue unauthorized or infringing  practices in response to our requests; and
  • Alerted search engines to these practices when we thought they would act.

More info on European and US activities is available here. While this is really good, there’s more to be done.  Ultimately, we’ll need to address some of the even larger syndicates using legal tools. It seems operators of some of these sites are making so much money from the scams that they will spend even more money to assert frivolous defenses to keep it going.   Fortunately, the courts have to date, seen through these technical defenses.

Cease and desist campaigns, or filing injunctions where possible, is not a scalable or cost effective approach in the long run however.  Already, about 30% of Mozilla’s legal matters are trademark enforcement related.  Long term, to really scale to meet this problem, we’re going to need to explore alternative approaches that utilize organizations like, so users can be notified in advance when they end up on these sites.  In combination, we may also need more messaging to warn users about the subscription traps that exist. In the interim, however, we’ll continue to utilize the tools we have so fewer users are scammed and more get the really great product contributors have created.

As Asa Dotzler Tweeted recently: “If you’re being asked to pay for Firefox, it’s a scam! Firefox is absolutely 100% free. Always get Firefox from Please RT”

More to come.

2 Responses to Helping Users Avoid Fraud Sites and Get the Real Firefox

  1. Pingback: Artikel : Masalah Pemalsuan di Dunia FOSS (1) « Tanya Reza Ervani Tentang LINUX

  2. Pingback: The FOSS fakery problem | Why Can't I Get Pregnant?