Clever “Adobe Risk Management” Fake Alert ~ Do not be fooled!

Image representing Adobe Systems as depicted i...
Courtesy CrunchBase

The above title for today’s cautionary tale was lightly ‘stolen’ from the blog of our good friend Bill Houle, formerly Director of IT for Verari Technologies, Inc and now with Verance.

There have been frequent rogue exploits by the cracker community to use references to Adobe Flash and suggesting that there is an update that must be applied as a simple, almost believable, foil to spoof people into doing things that would compromise their computer systems but a recent significant advancement in “social engineering” to con the recipient into unwittingly adopting the conclusions and actions promoted in the offending email have reached a level of sophistication that makes avoiding making a drastic mistake even harder to do. As time goes by we all need to be increasingly vigilant against making the mistake of falling for these spoofs for everyone that blindly goes where angels fear to tread makes the web world generally more hazardous for all of us.

With that introduction, we heartily recommend that you carefully read Bill’s blog with the above title at The Dark Side Geek: Interesting name that Bill has chosen for his blog given that he is one of the smartest white side geeks we have come across in many a year; his observations are very well worth considering, his advice well worth taking. In this instance, he has presented a very clear review of a recent email exploit that has used the reference to Adobe and “Risk Management” as a device to con recipients into taking actions that would be disastrous for their systems. The con is very well explained here and the advice he gives represents a caution that should never be ignored.

BTW: Adobe, to our knowledge, does not send out emails to users advising any need to do an update to their software: When you install any Adobe products, along with the installation is an underlying program that, like Apple’s iTunes and Microsoft’s software, handles the recognition, and process, of updating installed related software directly; no email notice ever being required or provided so please do not be taken in by such exploits.

Enhanced by Zemanta