Alert – Fake Emails “from Adobe” to Upgrade Adobe Reader

So there I was, minding my own little business, a bit bored maybe because nobody had attempted to infect my computer for a few days when I fished (pun intended but perhaps not yet obvious) a good one out of the tank. And by tank I mean the spam folder in one of my email addresses.

The “From” field in the email was “Adobe Systems Incorporated”. The subject “Action required : Upgrade New Adobe Acrobat Reader For Your PC”. The heading within the email “GETTING MORE DONE AT WORK NOW COMES IN A CONVENIENT BOX”. And then some pitch about upgrading to the latest version of Adobe Reader, blah blah blah and a link, placed twice in different points of the email, to go and “download the latest version” of Adobe Reader.

If you get such an email and are fool enough to click on that link, you will see an almost legit looking website that again promotes downloading the latest version of Adobe Reader, and there’s a button you can click on that says “download”. Again, looking very official. Except that last link will take you to a phishing website.

I was actually never able to land on the phishing website, thanks to OpenDNS, which had already labelled it as phishing and had blocked access to everyone who uses their service (see http://remotehelpexpert.com/blog/?p=2332 for data on using OpenDNS as protection against phishing). But I wanted to alert my avid and loyal readers of this fresh new scam going on.

Generally speaking, never update computer programs by clicking on a link from an unknown source that promises you to take you to the appropriate website. Rather, type the website address (for example in this case, adobe.com) and then navigate within the website to find the download location and proceed from there.

Hope this help prevents unnecessary infections and identity theft.

One thought on “Alert – Fake Emails “from Adobe” to Upgrade Adobe Reader

  1. Hiya

    Yip, seen this as well from a client computer that was infected. I know spam is down and malware infections are up but as long as there is social engineering problems will continue.

    I guess its hard for people to notice what a genuine update request looks like.

    Forever and again. Nice blog!!!

Leave a Reply

Your email address will not be published. Required fields are marked *