Earlier this year, I posted an example of a ridiculously contrived attempt to propagate malware. For as amateurish as that one was, this one is the exact opposite: a very clever and convincing ruse. The message purports to be courtesy of an Adobe “Risk Management” official, referencing a known Acrobat exploit, and urging the application of a patch.  What made it quasi-legit was not the fact that it came from Adobe, but that it came as a simulated mail thread from company VP to company VP, ultimately addressing an end-user by name and directing her to take action. I am not a malware expert and did not deconstruct the PDF or EXE to know if or what was infected, but it all seemed suspicious enough to me…

(continue reading…)

Share/Bookmark