Report fake websites and Firefox distributions to Mozilla
When it comes to software downloads, I'm always trying to snag the software from official sources. In the case of Firefox, that is the Mozilla.org website. The core reason for this is that Mozilla has virtually no control over third party websites. Many of those are perfectly legit, Softpedia, Major Geeks, Betanews and there is usually no ill-effect when you download Firefox from those sources.
But even legit sites may bundle Firefox or other popular programs with adware installers, and while some offer direct downloads as well, others do not.
If you thought that this is the worst thing that can happen to you, you thought wrong. It is easy enough to block the installation of adware in those installers if you pay attention to the dialog.
There is however another kind of distribution. This type does not bundle Firefox with an adware installer, it integrates adware such as the Delta Toolbar directly in the browser.Note that it is easy enough to add dangerous contents to the distribution as well, e.g. malware.
This raises several issues. First, users do not know what they install in addition to the browser. Maybe it is a toolbar, modified search and home page settings, or something worse. They only find out after the installation, but not before.
Second, it may cast a damning light on Mozilla when users cannot distinguish between the organization and the website they have downloaded the unofficial Firefox version of.
Report fake Firefox distributions
A quick check on Google for "Mozilla Firefox", "Firefox Download" and "Mozilla Firefox Download" returned at least one instance on the first three pages of the search results where Firefox was offered either bundled with an adware installer, or where third party toolbars have been integrated directly in the distribution.
And that is not even taking the ads into account that are displayed on top and to the right of the search results. They too may mislead users and get them to websites where Firefox is offered in a modified version.
A check of the downloaded Firefox distribution on Virustotal returned 13 hits out of 44 antivirus engines, listing the file as "adware" or "PUP" (potentially unwanted software). The real Firefox download comes out clean on the site.
While you can uninstall those bundled tools or the browser without drawbacks usually, you may want to report sites that offer Firefox this way to Mozilla.
The organization's fraud report form lets you do just that. Enter the url that the violation occurred on, the category, e.g. charging for software or distributing modified Firefox, additional details if available, attachments, and your email address if you want to give Mozilla an option to contact you about the report.
Closing Words
It is apparent that - some or many - Internet users can't differentiate between official and third party download sources. It is also clear that this fact is abused by companies or individuals who distribute bundled third party software with those downloads, either in form of an installer that gives users choice what to install and what not, or integrated directly with no choice at all.
Advertisement
I always begin with the developer’s site, though, as you say, it can be hard to find. Also, even some developers’ sites (SourceForge) have gone rogue with bundled crapware. My first look is thus almost always at MajorGeeks, which at least shows a download link for the developer’s site.