Virus Emails - Adobe Services Invoice - Creative Cloud Service Purchase

Virus Emails - Adobe Services Invoice - Creative Cloud Service Purchase

Would you share this Article with others?

The emails below: "Adobe Services Invoice," "Creative Cloud Serivce Purchase," "Urgent Invoice Attached 6," and "Adobe Payment Required 2" have a malicious Microsoft Word document attached. The fake messages were designed to trick curious recipients into opening the malicious attachment, by claiming that they have purchased some form of Adobe Services and payment is required.

The Fake and Malicious Adobe Services Email Messages

Subject: Adobe Services Invoice
Attachment: Invoice.doc


Please see attached invoice.

Kind Regards,

Adobe Suite

Subject: Creative Cloud Serivce Purchase
Attachment: Adobe Invoice.doc

Dear Customer,

Thank you for signing up for Adobe Creative Cloud Service.

Attached is your copy of the invoice.

Thank you for your purchase.

Thank you,

The Adobe Team

Adobe Creative Cloud Service

Adobe and the Adobe logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries. All other trademarks are the property of their respective owners.

© 2014 Adobe Systems Incorporated. All rights reserved.

Subject: Urgent Invoice Attached 6 | Adobe | Payment Required 2

Attachment: Invoice.doc


Thank you for choosing adobe services.

Please see your attached invoice.

Adobe Billing Department
Adobe Systems Incorporated
21 Hickory Drive

If the recipients open the malicious email attachment and enable "Editing and Content" in Microsoft Word, the malicious document, using Macros (a set of instructions), will attempt to download and open a virus or some form of malicious program from the website

The web addresses or URLs where the Macro will attempt to download the malicious file from are:


Note: the cyber-criminals behind this malicious email message may use a different web address or change the name of the file.

The file "dro.exe" is the virus or a Trojan horse.

Now, if you have already opened the malicious Microsoft Word document, please do a full scan of your computer with the antivirus software installed on it.

Because, once your computer has become infected with the malicious Trojan horse, the cybercriminals behind the email message will be able to access and take control of your computer remotely from anywhere around the world. They may spy on you, use your computer to commit cybercrimes, or steal your personal and financial information.

If you don’t have antivirus software installed on your computer, please click here for a list of free antivirus software.

For a list of other malicious email messages, please click here.

Note: Some of the names, addresses, email addresses, telephone numbers or other information in samples on this website may have been impersonated or spoofed.

Please share what you know or ask a question about this article by leaving a comment below. Check the comment section below for additional information, if there is any. Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: And, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent. Also, to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts (OTA) by paying a service fee. Click here to make payment.

Comments, Questions, Answers, or Reviews
There are no comments as yet, please leave one below or revisit.

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

Write Your Comment, Question, Answer, or Review
Write your comment, question, answer, or review in the box below to share what you know or to get answers. NB: We will use your IP address to display your approximate location to other users.
Your comment, question, answer, or review will be posted as an anonymous user because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

Virus Emails - Adobe Services Invoice - Creative Cloud Service Purchase