The emails below: "Adobe Services Invoice," "Creative Cloud Serivce Purchase," "Urgent Invoice Attached 6," and "Adobe Payment Required 2" have a malicious Microsoft Word document attached. The fake messages were designed to trick curious recipients into opening the malicious attachment, by claiming that they have purchased some form of Adobe Services and payment is required.
The Fake and Malicious Adobe Services Email Messages
Subject: Adobe Services Invoice
Attachment: Invoice.doc
Hi,
Please see attached invoice.
Kind Regards,
Adobe Suite
Subject: Creative Cloud Serivce Purchase
Attachment: Adobe Invoice.doc
Dear Customer,
Thank you for signing up for Adobe Creative Cloud Service.
Attached is your copy of the invoice.
Thank you for your purchase.
Thank you,
The Adobe Team
Adobe Creative Cloud Service
Adobe and the Adobe logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries. All other trademarks are the property of their respective owners.
© 2014 Adobe Systems Incorporated. All rights reserved.
Subject: Urgent Invoice Attached 6 | Adobe | Payment Required 2
Attachment: Invoice.doc
Hello,
Thank you for choosing adobe services.
Please see your attached invoice.
Adobe Billing Department
Adobe Systems Incorporated
21 Hickory Drive
If the recipients open the malicious email attachment and enable "Editing and Content" in Microsoft Word, the malicious document, using Macros (a set of instructions), will attempt to download and open a virus or some form of malicious program from the website www.chinamanken.com.
The web addresses or URLs where the Macro will attempt to download the malicious file from are:
- chinamanken.com/exe/fedex.php
- chinamannick.com/exe/dro.exe
Note: the cyber-criminals behind this malicious email message may use a different web address or change the name of the file.
The file "dro.exe" is the virus or a Trojan horse.
Now, if you have already opened the malicious Microsoft Word document, please do a full scan of your computer with the antivirus software installed on it.
Because, once your computer has become infected with the malicious Trojan horse, the cybercriminals behind the email message will be able to access and take control of your computer remotely from anywhere around the world. They may spy on you, use your computer to commit cybercrimes, or steal your personal and financial information.
If you don’t have antivirus software installed on your computer, please click here for a list of free antivirus software.
For a list of other malicious email messages, please click here.