E-mails purportedly coming from the Adobe Support Team, reminding the recipient that a new version of Adobe Acrobat Reader has been released and offering a link (hxxp://www.adobe-2011-download.org) for the upgrade, have been hitting inboxes lately.
But once the user follows the link, there is no more mention of Adobe – just of a “PDF Reader/Writer”:
To “get access” to it, the user is required to give out some general information, and to choose a “plan”:
According to Sunbelt researchers, the “EDT Scanner” mentioned in the offer has its own home page, and is also offered on a download site called “BrotherSoft” for $29.95. They downloaded a free trial version that wasn’t detected as malicious by various AV sources, but it did nothing at all.
The best possible scenario in all of this is that the victim loses some money. The very worst – money loss, credit card compromise and theft of funds from the account to which is tied, and a malware infested computer that spies on the victim and collects his or hers data.