New Phishing Scam “steals” Personal information posing as Adobe Online

Yesterday I came across a phishing email with an attachment Po.zip

First I was happy because I was expecting another piece of malware for dissection. However, opening the zip file was a disappointment. It was just a plain old HTML. 

However I still controlled myself from opening it directly in the browser, and viewed its source code instead. There was another disappointment – no obfuscated scripts or drive-by malware.  

So I opened it in the browser, and this is how it looked: 

 
 

 

Following the link took me to a standard phishing page that asks me for a my email address, password and phone number in order to view the document.

 

On submitting the details, a dummy invoice is downloaded which is a perfectly safe PDF. But the attacker already has your email address, password and phone number. That is, if you submitted a real one.

 

 

Previous post:
Next Post:

Written by:

Published on: November 5, 2017

Filed Under: Uncategorized

Views: 41

Leave a Reply

Your email address will not be published. Required fields are marked *