Yesterday after visiting sites for a solar panel and a battery home energy storage system (renogy, sportsmanswarehouse), clicking on the google ads for them, I immediately received spam emails from two sites I visited. I ***never*** entered this email anywhere; not in any form, not in an "inquiry" or sales form; not in related sites, not in purchases, etc. It was stolen without any action on my part, except visiting these sites through a google ad, while I was logged into google calendar app.
This happened shortly after I transitioned from safari to firefox on my old mac (macOS10.15.7). This was my private google email. I cannot definitively point the finger at firefox, but the timing ***strongly*** suggests this, related to some failing of firefox security that safari is not vulnerable to. My guess is that my google login credential was in a cookie that firefox allowed the sites to access, but safari does not.
Mac no longer supports the safari on this mac, so I cannot use it for many sites, but firefox does. So, if firefox can fix this vulnerability -GREAT. I would be much obliged. If it does not, this computer has to go into a landfill, for no reason other than planned obsolescence, which is a bummer.
To my knowledge, I had fairly strict security mode settings in firefox.
Deets:
FIREFOX 136.0
macOS10.15.7
MacBook Pro (Retina, 13-inch, Early 2013)
spam emails from: renogy@safeopt.com, sportsmanswarehouse@d.sportsmans.com
