Be Wary of Fake Adobe Update Scam

Thursday, March 31, 2011

Headlines

69dafe8b58066478aea48f3d0f384820

Jamie Tomasello of Cloudmark has posted an article warning Adobe users of a widely distributed scam designed to harvest consumer credit card information.

The scam is being perpetrated through spam emails with the subject heading “Action required : Upgrade New Adobe Acrobat Reader For Your PC”.

The email message contains links to a malicious site and contains the name "Adobe" in the URL, which gives unsuspecting recipients the impression that the links lead to a legitimate Adobe website.

"Once you click on the “Download Now” button, you are redirected to secureonlineweb.su to provide your contact information and your credit card details. Our samples, as well as reports elsewhere, show this scam being sent by otherwise legitimate ESPs (Email Service Providers) – as noted by MX Lab, Mailchimp has been victimized this way in the past, and the current batch of scam spam is coming from Silverpop," Tomasello wrote.

The following is a screenshot of the scam email:

image

The scam is attempting to take advantage of concerns regarding a recently discovered vulnerability in Adobe and the authentic advisories directing Adobe users to download an updated version of the software.

"Amid reports of Adobe’s recent zero-day vulnerability, users have been urged to update to the newest version. Unfortunately, scammers are using this as an opportunity to target users," CSO's Bill Brenner said.

Adobe is aware of the scam operation, and advises those who receive the emails to delete them immediately. Those who have not yet updated to the latest version of Adobe can do so here: http://get.adobe.com/reader/.

The best way to avoid scams like these is to enable automatic updates for your software. This will ensure you receive necessary patches in a timely manner from a trusted source.

Possibly Related Articles:
21074
General
Adobe Email scam Social Engineering Headlines Alert
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.