Watch out for fake Adobe Flash Player updates!

Macromedia FlashFake Adobe Flash Player update pop-ups are some of the oldest tricks in the book. Unfortunately, a  lot of internet users still fall for them. In reality, Adobe Flash Player is a legitimate functionality used for video applications, games (many of the Facebook games are using Flash Player), web players (such as Youtube), banners/advertisements and even entire websites. Thus, it is important to have Adobe Flash Player updated at all times. However, cybercrooks often leverage its importance and popularity and create malware disguised as Adobe Flash Player updates.

Why the scam works?

virus_definitionsAdobe Flash is one of the most widely distributed products on the Internet. Because of its popularity and global install base, it is often a target of cybercriminals. Cybercriminals are using social engineering methods to distribute their malware through fake Flash update sites, often compelling unsuspecting users, who may be in need of a software update, to unknowingly install malware.

Recently, we came across the following site masquerading itself as an Adobe Flash Player update page:

http://16.a[REMOVED]rks.com/adobe/

 

Fake

Fake

How do they work?

Unsuspecting users see a notice on a webpage or a pop-up window telling them that, in order for them to continue with what they’re doing, they need to update their Adobe Flash Player. When users click on it, a download immediately starts – sometimes users unsuspectingly start the download themselves or the fake update silently installs itself within the browser.

 

 

What are they capable of doing?

Real

Real

Unfortunately, malware is ever-evolving. It changes both in structure and behaviour, so there are many things it could do to a machine it lands on. They are known to steal passwords and take over e-mail accounts (login details and contacts), install other malware, such as the Police Trojan (ransomware) or other infections.

 

 

What can you do, if you fall for the fake Adobe Flash Player update trick?

  • If you are not sure that the update you’ve installed is genuine, you should immediately start a full antivirus scan of your device.spyware
  • You should also disable any toolbars or browser add-ons that you did not install yourself. Here is a guide to help you: how to remove browser toolbars.
  • In order to avoid falling victim, always be careful what you click on! Do not open email attachments or links from unknown senders. If you want to update Adobe Flash Player, it should only be done via the Adobe site, or via their update downloader which is installed on your device when you first install Adobe.

Learn More on how to Remove a Virus.

Let me know in the comments if you installed the Fake Adobe?