Phishing scam masquerades as Adobe upgrade
Security provider Cloudmark continues to see more spam e-mails with fake notices promising an upgrade for Adobe Reader but instead trying to get users to provide their credit card info.
Phishers use all kinds of come-ons to lure their victims. But one persistent piece of spam tries to trick people by offering an upgrade to Adobe Acrobat.
Detailed by security provider Cloudmark in a blog posted yesterday, this type of advertising spam e-mails users a notice to upgrade to the new Adobe Acrobat Reader. Those who click on the link are directed to a Web site touting the benefits of the software.
The Web site domain name contains the word "adobe," says Cloudmark, as an attempt to give it some kind of legitimacy. But of course, it's just another malicious site designed to capture personal information.
Once on the phony site, the user is prompted to provide contact details and credit card information, which naturally then fall into the hands of the cybercrooks behind this scam.
In September, MX Lab reached out to MailChimp, the e-mail service provider that the spammers used to send out their messages. Once alerted, MailChimp suspended the account. But the recent outbreak of the same scam shows that cybercrooks can easily move from one provider to another.
Adobe is aware of this particular Adobe Reader upgrade scam and has in the past cautioned people to watch out for it.
Of course, Adobe Reader is a free product, so the request for credit card information should be a tip-off that something's not right here. But the phony Web site does describe the product as offering the ability to create and edit PDF files, something only available in the paid version of Acrobat. So some people who want the full product could be fooled. And as with most scams, the bad guys come out ahead even if only a tiny percentage of unsuspecting users swallow the bait.