November, 2017

  • New Phishing Scam “steals” Personal information posing as Adobe Online

    Yesterday I came across a phishing email with an attachment

    First I was happy because I was expecting another piece of malware for dissection. However, opening the zip file was a disappointment. It was just a plain old HTML. 

    However I still controlled myself from opening it directly in the browser, and viewed its source code instead. There was another disappointment – no obfuscated scripts or drive-by malware.  

    So I opened it in the browser, and this is how it looked: 



    Following the link took me to a standard phishing page that asks me for a my email address, password and phone number in order to view the document.


    On submitting the details, a dummy invoice is downloaded which is a perfectly safe PDF. But the attacker already has your email address, password and phone number. That is, if you submitted a real one.



    November 5, 2017 • Uncategorized • Views: 41