Adobe Acrobat Reader phishing attack

Fake emails pretending to come from Adobe guide you to a Web site, where you supposedly can download a new version of Adobe Acrobat Reader.
Alas, this is a phishing attack.
When you look up adobe-acrobat-upgrade.com, you will find that it is running on a Russian server, and the registrar is an address in London that is probably hijacked, since Google maps/street view shows the address to be a single residental house. This is certainly not Adobe's headquarters....

---

The whois entry:

Domain name: ADOBE-ACROBAT-UPGRADE.COM
Name Server: ns3.nic.ru
Name Server: ns4.nic.ru
Name Server: ns8.nic.ru
Creation Date: 2010.06.25
Updated Date: 2010.06.25
Expiration Date: 2011.06.25

Status: DELEGATED

Registrant ID: MYWBV2V-RU
Registrant Name: Emily Johnson
Registrant Organization: Emily Johnson
Registrant Street1: 11 Uxbridge Road
Registrant City: London
Registrant Postal Code: W7 3ST
Registrant Country: GB

Administrative, Technical Contact
Contact ID: MYWBV2V-RU
Contact Name: Emily Johnson
Contact Organization: Emily Johnson
Contact Street1: 11 Uxbridge Road
Contact City: London
Contact Postal Code: W7 3ST
Contact Country: GB
Contact Phone: xxx
Contact E-mail: xxx

Registrar: Regional Network Information Center, JSC dba RU-CENTER

---

Here the phishing email:

From: Adobe Acrobat Reader
Subject: Download New Adobe Acrobat Reader For Windows
......

HTML clipboard

Dear valued customers,

We are pleased to announce new release of Adobe Acrobat Reader 2010 which will give you more options to view, create, edit, print and share PDF documents.

+ 50% of your daily office works requires document handling.
+ 70% of your documents requires extra processing.
+ 15-20% of your documents requires exchanging with your peers, customers or partners.
+ 30% of such documents are in PDF format, and you need to view, edit, print and share them.

To learn more about new features and install Adobe Acrobat Reader 2010, please:

+ Go to: http://www.adobe-acrobat-upgrade.com/
+ Choose your options, download and start to improve your works.

A full version of Office suite is also available for your download.

Download Today: http://www.adobe-acrobat-upgrade.com/

Best regards,

Adobe Acrobat Reader 2010
--------------------------
Copy rights PDF Pro 2010 © All rights reserved
Website: http://www.adobe-acrobat-upgrade.com/

Amazon phishing emails.

Phishing emails pretenting to come from Amazon.com are presently flooding into the mail box. However, the links do not go out to Amazon, but to townknow.com. Further, if you look at the numbers, they do not add up. Of the more than 10 emails I got, each had a different amounts for ordering. The number are just made up randomly.

Here is an example:

Thanks for your order, xxxxx

Did you know you can view and edit your orders online, 24 hours a day? Visit Your Account.

Order Information:

E-mail Address: ?xxxx

Order Grand Total:?$ 57.99
?
Earn 3% rewards on your Amazon.com orders with the Amazon Visa Card. Learn More

Order Summary:
Details:
Order #: D93-0103230-8760417 Subtotal of items:? $ 41.99 ? ------ Total before tax:? $ 25.99 Sales Tax:? $ 0.00 ? ------ Total for this Order:? $ 52.99

The following item was ordered:
Click here and see items, Price: $ 82.99
By: Click here
Sold by: Amazon Digital Services, Inc.
?

The charge for this order will appear on your credit card statement from the merchant 'AMZN Payment Services.'

You can review your orders in Your Account. If you've explored the links on that page but still have a question, please visit our online Help Department.

Please note: This e-mail was sent from a notification-only address that cannot accept incoming e-mail. Please do not reply to this message.

Thanks again for shopping with us.

Amazon.com
Earth's Biggest Selection

In another example the total order was 74.99, with a total of 0.99. What rubbish. Don't click on this.

Order Grand Total:?$ 74.99
.....

Total for this Order:? $ 00.99

Fraud email: European Economic and Social Committee

I am reposting this from an earlier blog entry, just as a reminder.

Another fraud email. Sure, a European Committee has a Chinese email - yeah, right.

The European Economic and Social Committee (EESC)
99, rue Belliard
B-1040 BRUSSELS
TEL/FAX:0032 (0)2 513 48 93
eesc.europa.eu

Notification of Cash Grant

We bring to your notice the decision by the board of directors of the European Economic and Social Committee in conjunction with the United Nations to choose you as the recipients of a cash grant for your own personal, educational, and business development(SME funding). To promote growth and avert the effect of the ongoing global credit crisis.

We are giving out a yearly donation of $500,000.00 to 1000 lucky recipients selected from over 150 countries all over the globe with assistance from local community schemes and welfare institutions.
To file for claims, do forward all relevant information about you as well as contact details to the commission's secretary on;

Contact Person: Ann Ruthford
Email: eescgrants@w.cn

Endeavour to quote your qualification numbers: EU/UN001/210AB/YZ676 and must be kept confidential.
Congratulations from members of staffs and directors of the scheme.
Best Wishes
George Green.
EESC Social welfare director

The usual Email quota phishing SPAM email

Yet another example of a SPAM email that tries to fish data from you.

Your mailbox has exceeded the allocated storage limit as set by the administrator,
you may not be able to send or receive new mail until you upgrade your allocated
quota.

To upgrade your quota, please click on the following link:

http://beam.to/accountupdate8457

Thank you for your anticipated cooperation.

Webmail Support Team.

Tabnabbing, a New Type of Phishing Attack

Tidbits reports on a new type of Phishing attack using tabs in many browsers.
The link to the article.
Basically, you are surfing a compromised web site. Then you switch to another tab. When return to the original site, you see now a login screen, which is fake.
So, the solution at present: If you ever switch to a tab and it's displaying a login screen, just close the tab, ignore the login.