Anybody who falls for something like that shouldn't be operating any machinery as complicated as a computer. Such people are a danger to themselves and others. Warnings like that from Sophos won't have any impact on them; they're too stupid to understand it.
Mozilla doesn't communicate with its user community via email. Mozilla doesn't acquire user's email addresses at all.
Reported by Carol in our "Spyware, viruses & security" forum in her post here;
http://forums.cnet.com/7726-6132_102-5182418.html
Security specialist Sophos reports that it has discovered new spam email messages that claim to be an advisory related to an update to the open source Firefox web browser. The fake advisory asks users to update their Firefox installations, "for security reasons", and includes a download link to the supposed update.
According to Graham Cluley of Sophos, the download leads to an executable file that bundles an installer for the Windows version of Firefox 5.0.1 and a password-stealing trojan (Troj/PWS-BSF). As noted by Cluley, users should always exercise caution when clicking on links in emails.
Users can download the latest stable version of Firefox directly from the Mozilla project. Alternatively, users can upgrade to the new versions either by waiting for the automated update notification or by manually selecting "Check for updates" from the Help Menu.
http://www.h-online.com/security/news/item/Fake-Firefox-update-includes-password-stealing-trojan-1319477.html
Thanks for this information Carol
Mark

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic