Devs told to exercise 'extreme caution' with emails disguised as account update prompts

Mozilla is warning of an ongoing phishing campaign targeting developers of Firefox add-ons.

The browser maker urged devs to "exercise extreme caution and scrutiny" when reviewing seemingly legitimate emails from senders pretending to be Mozilla or AMO (addons.mozilla.org).

Although phishing emails can take many forms, Moz said this campaign usually lures devs into clicking through a malicious link to update their account. Failure to do so, or so the crims claim, would result in the dev losing access to developer features.

The company did not specify the motivations behind the phishing attacks, although it can be reasonably assumed that if developers are being targeted, gaining access to trusted developer accounts is likely the game plan.

Mozilla was also quiet on the scale and success of the phishers' efforts thus far, but given the spate of scammy extensions targeting crypto users of late, gaining access to trustworthy developer accounts ...