Monday, June 28, 2010

Adobe Acrobat Reader phishing attack

Fake emails pretending to come from Adobe guide you to a Web site, where you supposedly can download a new version of Adobe Acrobat Reader.
Alas, this is a phishing attack.
When you look up adobe-acrobat-upgrade.com, you will find that it is running on a Russian server, and the registrar is an address in London that is probably hijacked, since Google maps/street view shows the address to be a single residental house. This is certainly not Adobe's headquarters....

The whois entry:

Domain name: ADOBE-ACROBAT-UPGRADE.COM
Name Server: ns3.nic.ru
Name Server: ns4.nic.ru
Name Server: ns8.nic.ru
Creation Date: 2010.06.25
Updated Date: 2010.06.25
Expiration Date: 2011.06.25

Status: DELEGATED

Registrant ID: MYWBV2V-RU
Registrant Name: Emily Johnson
Registrant Organization: Emily Johnson
Registrant Street1: 11 Uxbridge Road
Registrant City: London
Registrant Postal Code: W7 3ST
Registrant Country: GB

Administrative, Technical Contact
Contact ID: MYWBV2V-RU
Contact Name: Emily Johnson
Contact Organization: Emily Johnson
Contact Street1: 11 Uxbridge Road
Contact City: London
Contact Postal Code: W7 3ST
Contact Country: GB
Contact Phone: xxx
Contact E-mail: xxx

Registrar: Regional Network Information Center, JSC dba RU-CENTER


Here the phishing email:

From: Adobe Acrobat Reader
Subject: Download New Adobe Acrobat Reader For Windows
......

HTML clipboard

Dear valued customers,

We are pleased to announce new release of Adobe Acrobat Reader 2010 which will give you more options to view, create, edit, print and share PDF documents.

+ 50% of your daily office works requires document handling.
+ 70% of your documents requires extra processing.
+ 15-20% of your documents requires exchanging with your peers, customers or partners.
+ 30% of such documents are in PDF format, and you need to view, edit, print and share them.

To learn more about new features and install Adobe Acrobat Reader 2010, please:

+ Go to: http://www.adobe-acrobat-upgrade.com/
+ Choose your options, download and start to improve your works.

A full version of Office suite is also available for your download.

Download Today: http://www.adobe-acrobat-upgrade.com/

Best regards,

Adobe Acrobat Reader 2010
--------------------------
Copy rights PDF Pro 2010 © All rights reserved
Website: http://www.adobe-acrobat-upgrade.com/
Posted by at
Labels: , , , , ,

2 comments:

lauren said...

As you stated that Fake emails pretending to come from Adobe guide you to a Web site, where you supposedly can download a new version of Adobe Acrobat Reader.Are these really phishing mails.I too got 2 of them recently but I suspected them so did not used.
electronic signatures

June 20, 2011 at 10:01 PM
watchout said...

Yes, these are phishing emails. Only download Adobe Reader from the Adobe website. Adobe does not send update emails, since Reader is free and you don't need to register. They don't have your email!
Here from Adobe themselves:
http://blogs.adobe.com/psirt/2010/09/alert-adobe-reader-upgrade-email-spamphishing-scam.html

July 10, 2011 at 12:56 PM

Post a Comment

Subscribe to: Post Comments (Atom)