German freemail sites trick Firefox & Chrome users into removing AdBlock

German freemail heavyweights web.de and gmx.net (several millions of users combined) are using deceptive techniques in order to manipulate Firefox and Chrome users into removing AdBlock and its variants. This message is displayed for people with the respective setup:

web_deThe yellow bar is part of the website (it even scrolls with the site). It says:

The security of your computer is compromised by a Firefox Add-On. [Restore Security]

Clicking the fake button or the “Further information” link takes the user to a shady-looking website charmingly named browsersicherheit.info (browser security dot info).

This site imitates the look of Chrome’s browser settings and uses a seemingly objective and caring tone, explaining how „content manipulating browser add-ons“ pose an enormous security risk. It also contains a surprisingly short list of allegedly “known malicious browser add-ons”:

plugins2Note how AdBlock and several variants of it are shown at the top of this list, described as “filters page contents”. Every user of AdBlock is aware that it filters contents—that’s its purpose. Still, this list is obviously supposed to cause insecurity and fear, especially since the same list contains obscure and dubious sounding add-ons. Many of them are described as “inserting external elements like advertising”. One, ironically, is accused of “creating false security alerts”.

Otherwise, the page purports to be a well-meaning security initiative. Only the legally-mandated and well-hidden Contacts page shows that 1&1 Mail & Media is behind it. The 1&1 DSL and hosting franchise is part of the German United Internet company, which in turn owns web.de and gmx.net. A press release at gmx.net praises it, but gmx.net is not named as part of this “program” anywhere on the site. However, in the ridiculously short “press comments” section, gmx.net and web.de appear as two out of three sources (the third being a nasty tabloid’s computer spinoff magazine).

This practice is all the more more malicious, as it has taken years to establish that browsers show meaningful security notifications, and to get everyone’s parents to actually read and follow them.

Apparently, the Mozilla security team is looking at the situation, which I’m very grateful for.

About these ads
7 Kommentare
  1. en4rab sagte:

    I just had a look at the web.de site firefox developer console had this to say “Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen.” yes they take your security very seriously :)

    • Domelo sagte:

      Yes, you’re absolutely right, as http sites are unsecure ans they can steal your data plus they can hit your system with phishing, malware and virus attacks. So far, I have found Adguard – adblock that not only blocks all the ads and banners, but it also keeps your safe from threatening attacks of malware and viruses,

  2. Perhaps people should take the extra security of using Opera browser more seriously ;)

Kommentar schreiben/Post a comment

Trage deine Daten unten ein oder klicke ein Icon um dich einzuloggen:

WordPress.com-Logo

Du kommentierst mit Deinem WordPress.com-Konto. Abmelden / Ändern )

Twitter-Bild

Du kommentierst mit Deinem Twitter-Konto. Abmelden / Ändern )

Facebook-Foto

Du kommentierst mit Deinem Facebook-Konto. Abmelden / Ändern )

Google+ photo

Du kommentierst mit Deinem Google+-Konto. Abmelden / Ändern )

Verbinde mit %s

Folgen

Erhalte jeden neuen Beitrag in deinen Posteingang.