Rogue antivirus spammers masquerade as Adobe patches

Rogue antivirus suppliers are posing as Adobe updates in phishing scam.

Adobe Systems Inc. is warning users of phony emails purporting to be out-of-band patches for the company's Flash Player, Acrobat and Reader software.

Adobe plans to issue out-of-band patches today, and as a result, some purveyors of rogue antivirus software are exploiting the situation by sending out messages purporting to come from Adobe. The messages can contain rogue antivirus and other malware and can also lead victims to phishing sites to collect personal information, which may come in useful in a later scam.

Adobe is expected to issue critical updates for Adobe Acrobat and Adobe Reader for Windows and Macintosh versions. UNIX updates are planned for Nov. 30. The update applies to users of Adobe Acrobat and Reader versions 9.4 and earlier.

Adobe said users need to be cautious when receiving email notifications, as some of them may come from cybercriminals.

"Many of these emails require recipients to register and/or provide personal information. Please be aware that these emails have not been sent by Adobe or on Adobe's behalf," the company warned.

Adobe said its Reader PDF viewing software is freely available for download directly from its Adobe Reader Download page and not available at in any other manner.

"Customers receiving one of these potentially malicious emails should delete the email immediately without clicking on any of the links," Adobe said.

Tom Kelchner, writing on the Sunbelt blog identified one group that is already using phony Adobe emails. He said the "malicious folks" behind the ThinkPoint.FakeRean rogue antivirus are using a phony Flash Player installer to trick victims into downloading their rogue software. He said the installer looks pretty convincing.

"They are making them look real, but if the URL doesn't show then it is a fake," Kelchner wrote.

Read more on Hackers and cybercrime prevention