Bugs & Fixes: Adobe Reader phishing scam

Want to avoid becoming the victim of a phishing scam? It’s usually easy, because most scammers are too inept or too lazy to do a decent job of the deception. Case in point: I received an e-mail this week, purportedly from Adobe, announcing “a new version of PDF Reader/Writer.” (Even though it was Windows-only software, the general advice regarding phishing applies to Mac users as well.)

It took me all of about two seconds to determine that this was almost certainly a phishing expedition.

First of all, Adobe’s product is not called “PDF Reader/Writer,” it’s called “Adobe Reader” or “Adobe Acrobat.” Actually, the e-mail itself could not be entirely consistent about the name, also listing it as “Adobe PDF Reader- Writer.”

Second, the e-mail message was poorly formatted, including having adjacent duplicate redundant links. Adobe would never send out anything this messy.

Third, the return e-mail address was “adobe2010support.2@gmail.com.” There is no way that Adobe would use a gmail.com address. The company has its own adobe.com domain.

Wanting to leave no room for doubt, I also did a quick search of the Web. A few sites cited the e-mail, confirming that it was a hoax. Most notably, Network World included a quote from Adobe, stating “Please be aware that these emails are phishing scams and have not been sent by Adobe or on Adobe’s behalf.”

Case closed.

Still, I was a bit curious as to what the scam was attempting to accomplish. It didn’t take too long to find out. While I don’t recommend trying this at home, I took the risk and clicked the e-mail’s URL. I was taken to a Web site describing the PDF Reader/Writer program, although it was curiously no longer cited as an Adobe product (yet another red flag). Undeterred, I clicked the “Download Now” button. The button’s name is a bit misleading. What it should have said was “Download only after you work through a series of screens where you give us your e-mail address and credit card number.” I obviously bailed at this point, so I never did find out if anything actually downloads at the end. (I doubt it.)

Bottom line: If you receive any e-mail that includes a link, and the message appears at all suspicious, stop right there. Don’t do anything further without first searching the Web to see if it is a hoax. Regardless of what you find, if the e-mail is purportedly from an established company, go to its Web site via a known URL (such as www.adobe.com). From here, check if the product described in the e-mail actually exists. If you’ve enabled the “Warn when visiting a fraudulent website” option in Safari, this may also help identify a fraud. But it is not a guarantee; many fraudulent sites are not caught by Safari (including the one promising me that new version of Reader/Writer).

Fortunately, most phishing scams remain easy to detect. Just exercise a bit of caution and pay attention to the clues.

Ted Landau will be giving a session at Macworld Expo next month based on material that first appeared here in Bugs & Fixes. Come join us.

Shop ▾
arrow up Amazon Shop buttons are programmatically attached to all reviews, regardless of products' final review scores. Our parent company, IDG, receives advertisement revenue for shopping activity generated by the links. Because the buttons are attached programmatically, they should not be interpreted as editorial endorsements.

Subscribe to the Apple @ Work Newsletter