17 May 2011

Adobe hit with phishing scam

For Adobe users, there are currently several phishing scams circulating the internet, according to a recent report by PCWorld.

Adobe has been hit with zero-day flaws in its Flash program, including cyber criminals gaining access to the RSA Security Network to compromise information. It appears that hackers are circumventing security measures on the web to lure unsuspecting users into installing software that contains malicious code.

According to PCWorld’s Tony Bradley, Adobe rarely emails users to announce updates, but rather provides an auto-update mechanism for its software. Cyber criminals generally use domain names that are similar to the legitimate company, but can be spotted. For example, cyber criminals may use “adobesystems.com,” rather than “adobe.com.”

“Then, we have the obligatory broken English and poor grammar that seem to afflict all phishing attacks,” wrote Bradley. “Still, many users are naive enough to fall for something like this, which is why phishing attacks continue to be such a huge threat.”

One of the most significant data breaches of the year occurred at Epsilon, the world’s largest permission-based email distributor. Hackers obtained millions of email addresses, and the company warned users they may be in danger of receiving phishing scams and spam as a result of the attack.