We recently found a compromised site serving what appears to be an Adobe phish.
Like most phishing campaigns, this one may have originated from a spammed email. Although we do not have the actual sample of said email, it pays to be familiar with what the fraud page looks like and its content, too.
Please direct your attention to the screenshot below, dear Reader:
Adobe account Use your Email and Password to have online access to the document sent to you from Adobe. *select other mail provider, if your email provider is not listed in the right
We can deduce from the page’s content that the spam may have originated from a spoofed Adobe address, promising an important document the recipient has to see.
In order to do so, they are then instructed to access their Adobe account by entering their email credentials, specifically for AOL, Gmail, Outlook, and Yahoo! The page also caters to credentials for other email providers.
Visitors clicking either of the email service brands at the right side of the page changes the user entry fields at the left side to match with the look of the real thing. Please refer to the showcase gallery below for the complete picture:
Some of us may quickly and easily identify that the whole thing is a phishing campaign, but some may also not realize this until it’s too late.
Be extra careful when dealing with emails purporting to have come from Adobe. If you’re unsure if what you received is part of a phishing campaign, you can forward the email to firstname.lastname@example.org. It also pays to remain informed and read Adobe’s page here on how to avoid falling for phishing schemes.