Adobe users targeted in dangerous new phishing campaign

Cartoon Phishing
(Image credit: Shutterstock / DRogatnev)

A new phishing attack has been discovered targeting Adobe users. This particular campaign uses an email that purports to be from the non-existent service Adobe Cloud, which informs the targeted individual that they have files to download.

The phishing attack carries all the hallmarks of previously seen campaigns. The email contains brand logos that appear genuine, as well as a URL, which until further inspection, looks like it contains an Adobe domain name.

The next stage of the attack prompts the victim to “Access Your Secured Document,” which subsequently leads them to a login page for Microsoft Office 365, Google, or their email account.

Credential harvesting

If the intended target does enter their details into the login page, they will have unwittingly handed over sensitive information. With the ill-gotten account credentials at their disposal, a cyberattacker can take over accounts belonging to the victim, sending further malicious emails in their name and committing fraudulent activity.

Adobe is far from the only well-known firm to have its brand leveraged as part of a phishing campaign. With the coronavirus pandemic forcing many individuals to work remotely, cyberattackers have decided that now is the time to spread misinformation and embark on a series of malicious campaigns. Recently employed tactics have revolved around the US presidential election and Covid-19 itself.

Although many phishing campaigns are quite sophisticated, there are often clues within malicious emails that reveal their inauthenticity. With the Adobe scam, for example, there is no product known as “Adobe Cloud” in existence. Although the attackers may have been trying to mimic the similarly named Adobe Creative Cloud, the solution is not generally intended as a file-sharing tool.

Via GreatHorn

TOPICS
Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things. 

Latest in Security
Data leak
Hacked Tata Technologies data leaked by ransomware gang
A close-up photo of an iPhone, with the App Store icon prominent in the center of the image.
Thousands of iOS apps found to expose user data and leak Stripe keys
China
Chinese hackers targeting Juniper Networks routers, so patch now
Google Chrome dark mode
Google updates Chrome extension rules to ban affiliate link injection without user action or benefit
Abstract image of robots working in an office environment including creating blueprint of robot arm, making a phone call, and typing on a keyboard
This worrying botnet targets unsecure TP-Link routers - thousands of devices already hacked
Avast cybersecurity
UK cybersecurity sector could be worth £13bn, research shows
Latest in News
UK Prime Minister Sir Kier Starmer
UK PM says AI should soon replace civil servants
Eight Samsung TVs mounted to the wall showing different basketball games
Samsung is offering you 8 new TVs in one bundle for March Madness, in case you want to watch all games at once like a Bond villain’s lair
The Steam Logo on a mobile phone in front of a wall of games.
Today’s Steam Spring Sale features my absolute favorite game of all time - here's when the sale starts and all the key info
Apple iPhone 16 Pro Max REVIEW
The latest iPhone 17 Pro Max leak may have given us another look at its upcoming redesign
Half-Life running on a smartwatch
This Redditor installed a game engine on their smartwatch, and now it runs Doom, Quake, and Half-Life
Samsung Galaxy Z Fold 6
The Samsung Galaxy Z Fold 7 could be in line for a Galaxy S25 Ultra-level camera upgrade