Phishers target Adobe vulnerability

Phishers are sending out cleverely-constructed e-mails purporting to be from a Taiwanese bank in a bid to trick victims into downloading malware that exploits an Adobe vulnerability.

  0 Be the first to comment

Phishers target Adobe vulnerability

Editorial

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

The spam e-mails contain credit card promotion email messages that are embedded with an .swf virus link, says Internet security outfit Symantec.

Recipients are able to see the bank's image at the top of the message and promotion notes at the bottom. There is also a large blank space designed to trick victims into believing the promotion content has been lost in transit.

The message contains a link that recipients are instructed to click on if the page does not display properly. If clicked on, users are redirected to a site containing shellcode in the form of a file named sploit.swf, which exploits Adobe AVM2 Scope Stack Corruption vulnerability.

Adobe released a patch for the vulnerability - which affects Acrobat, Reader and Flash - last month.



Sponsored [On-Demand Webinar] Exploring the ethics of AI in banking

Comments: (0)

[Webinar] 2025 Fraud Trends: Synthetic Identity, AI and Incoming MandatesFinextra Promoted[Webinar] 2025 Fraud Trends: Synthetic Identity, AI and Incoming Mandates