A creative scheme that charges people via SMS for what should be a free copy of Adobe Systems’ Flash player is apparently undergoing a test run on a Russian social network, according to security vendor Bitdefender.
The scam was uncovered after one of Bitdefender’s customers found a suspicious link to a Flash Player update on Vkontakte, a social networking service for Russian speakers, said Bogdan Botezatu, senior e-threat researcher for Bitdefender.
If clicked, the link leads to the Flash Player application, but a drop-down menu then asks what country the user is located in as well as for their mobile phone number and operator. Adobe does not ask for any of that information during a normal installation.
If the person is located outside of Russia, the installer instructs the person to send a message to a short code in order to receive an “activation” code to use the program, Botezatu said. People in the U.K., are charged £1.50 for the SMS or around $3 in the U.S., he said.
Russian users are not charged, perhaps because the scam would be reported quickly to authorities, Botezatu said. The scammers have apparently signed up for SMS payment processing services for countries such as the U.K. According to the drop-down menus, the scammers have arranged for SMS payments on networks including O2, Vodafone and Orange as well as AT&T in the U.S.
The scam isn’t widespread yet, which Botezatu said may mean the scammers are conducting a trial run to see how well it works before hitting other social networking sites such as Facebook.
Offering downloads of Adobe products is a frequently used ruse to manipulate users. Often, malware will be substituted for a legitimate Adobe download, but this case appears to be just a money spinner.
“There is no other piece of malware bundled with the file,” he said. “They only try to squeeze the money through the premium SMS scheme.”
Botezatu said Bitdefender notified O2 about the scam. The company has included screenshots on its blog.
Send news tips and comments to jeremy_kirk@idg.com