Security

Bugs & Fixes: Adobe Reader Phishing Scam

Want to avoid becoming the victim of a phishing scam? It's usually easy, because most scammers are too inept or too lazy to do a decent job of the deception. Case in point: I received an e-mail this week, purportedly from Adobe, announcing "a new version of PDF Reader/Writer." (Even though it was Windows-only software, the general advice regarding phishing applies to Mac users as well.)

It took me all of about two seconds to determine that this was almost certainly a phishing expedition.

First of all, Adobe's product is not called "PDF Reader/Writer," it's called "Adobe Reader" or "Adobe Acrobat." Actually, the e-mail itself could not be entirely consistent about the name, also listing it as "Adobe PDF Reader- Writer."

Second, the e-mail message was poorly formatted, including having adjacent duplicate redundant links. Adobe would never send out anything this messy.

Third, the return e-mail address was "adobe2010support.2@gmail.com." There is no way that Adobe would use a gmail.com address. The company have its own adobe.com domain.

Wanting to leave no room for doubt, I also did a quick search of the Web. A few sites cited the e-mail, confirming that it was a hoax. Most notably, Network World included a quote from Adobe, stating "Please be aware that these emails are phishing scams and have not been sent by Adobe or on Adobe's behalf."

Case closed.

Still, I was a bit curious as to what the scam was attempting to accomplish. It didn't take too long to find out. While I don't recommend trying this at home, I took the risk and clicked the e-mail's URL. I was taken to a Web site describing the PDF Reader/Writer program, although it was curiously no longer cited as an Adobe product (yet another red flag). Undeterred, I clicked the "Download Now" button. The button's name is a bit misleading. What it should have said was "Download only after you work through a series of screens where you give us your e-mail address and credit card number." I obviously bailed at this point, so I never did find out if anything actually downloads at the end. (I doubt it.)

Bottom line: If you receive any e-mail that includes a link, and the message appears at all suspicious, stop right there. Don't do anything further without first searching the Web to see if it is a hoax. Regardless of what you find, if the e-mail is purportedly from an established company, go to its Web site via a known URL (such as www.adobe.com). From here, check if the product described in the e-mail actually exists. If you've enabled the "Warn when visiting a fraudulent website" option in Safari, this may also help identify a fraud. But it is not a guarantee; many fraudulent sites are not caught by Safari (including the one promising me that new version of Reader/Writer).

Fortunately, most phishing scams remain easy to detect. Just exercise a bit of caution and pay attention to the clues.

Subscribe to the Security Watch Newsletter

Comments