You are here

phishing

Phishing email from the Adobe Compromise

Malicious email from Adobe database

This email arrived yesterday. It was sent to an address that only exists in the databases of Adobe and of my email provider. Given that Adobe's customer databases were looted earlier this fall by hackers, I suppose it was a matter of time.

For the uninitiated, I strongly warn you NOT to try to follow the link in that email. If it's only slightly malicious, then the web page will try to tease me out of personal information. After all, this is a job offer, and employers are obliged to collect SSNs and other personal information. 

If it's seriously malicious, then the web page will send me a malicious MS Word or Acrobat file, or perhaps just some web-based scripts, that poke around on my machine looking for weaknesses. 

Wordpress tag: 
Post category: 

Odd new form of malicious spam

Malicious email

 I received the email displayed at the right. While Larry Grinnell is indeed a friend of mine who sends me email, the sender's email address was not his. This is one of several emails I've received, all extremely brief, and all with the exact same, format. The Subject line contains an exclamation. The body text contains my name and a single URL. I started saving them and experimenting with the URLs.

The first URL led to a place in Russia that displayed a weight-loss ad. I used a VM running Chrome to open it. When I used the same VM to open the more recent one (shown above) the VM crashed. I expected that. What I didn't expect was for it to take my whole desktop down, too. 

Post category: 

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer