No internet connection

No Internet Connection Detected

Virus Emails - Adobe Services Invoice - Creative Cloud Service Purchase

The emails below: "Adobe Services Invoice," "Creative Cloud Serivce Purchase," "Urgent Invoice Attached 6," and "Adobe Payment Required 2" have a malicious Microsoft Word document attached. The fake messages were designed to trick curious recipients into opening the malicious attachment, by claiming that they have purchased some form of Adobe Services and payment is required.

Virus Emails - Adobe Services Invoice - Creative Cloud Service Purchase
Advertisement

The Fake and Malicious Adobe Services Email Messages

Subject: Adobe Services Invoice
Attachment: Invoice.doc

Hi,

Please see attached invoice.

Kind Regards,

Adobe Suite

Subject: Creative Cloud Serivce Purchase
Attachment: Adobe Invoice.doc

Dear Customer,

Thank you for signing up for Adobe Creative Cloud Service.

Attached is your copy of the invoice.

Thank you for your purchase.

Thank you,

The Adobe Team

Adobe Creative Cloud Service

Adobe and the Adobe logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries. All other trademarks are the property of their respective owners.

© 2014 Adobe Systems Incorporated. All rights reserved.

Subject: Urgent Invoice Attached 6 | Adobe | Payment Required 2

Attachment: Invoice.doc

Hello,

Thank you for choosing adobe services.

Please see your attached invoice.

Adobe Billing Department
Adobe Systems Incorporated
21 Hickory Drive

If the recipients open the malicious email attachment and enable "Editing and Content" in Microsoft Word, the malicious document, using Macros (a set of instructions), will attempt to download and open a virus or some form of malicious program from the website www.chinamanken.com.

The web addresses or URLs where the Macro will attempt to download the malicious file from are:

  • chinamanken.com/exe/fedex.php
  • chinamannick.com/exe/dro.exe

Note: the cyber-criminals behind this malicious email message may use a different web address or change the name of the file.

The file "dro.exe" is the virus or a Trojan horse.

Now, if you have already opened the malicious Microsoft Word document, please do a full scan of your computer with the antivirus software installed on it.

Because, once your computer has become infected with the malicious Trojan horse, the cybercriminals behind the email message will be able to access and take control of your computer remotely from anywhere around the world. They may spy on you, use your computer to commit cybercrimes, or steal your personal and financial information.

If you don’t have antivirus software installed on your computer, please click here for a list of free antivirus software.

For a list of other malicious email messages, please click here.

Check the comment section below for additional information, share what you know or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Click here help maintain Online Threat Alerts (OTA).

Note: Some of the information in samples on this website may have been impersonated or spoofed.
Would you share this article with others?  +

Comments, Questions, Answers, or Reviews

There are no comments as yet, please leave one below or revisit.

To protect your privacy, please do not post or remove sensitive information in or from your comments, questions, or reviews.
Advertisement

Write Your Comment, Question, Answer, or Review

NB: We will use your IP address to display your approximate location to other users.

Your post will be set as an anonymous because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

Advertisement
Virus Emails - Adobe Services Invoice - Creative Cloud Service Purchase