Fake Adobe Flash updates lure the unwary

Even though this page looks convincing, the IT security vendor says that downloading the `update' only provides the user with a nasty piece of malware that is classified by McAfee as Downloader-CEW.f.

As a result of its findings, Barracuda is urging users to only get Adobe Flash updates directly from the source - http://get.adobe.com/flashplayer.

According to the IT security vendor, by tracking trending news topics, hackers quickly register a rogue website which climbs the news trending charts fairly quickly.

Clicking on the highlighted result when a search for news is carried out sends the user directly to the fake upgrade page.

But there is a way to spot the fake pages, as Barracuda reports that the dialog boxes opening to the malware only allow uses to click `continue' and other clicks are ignored.

And, says the company's security blog posting, if the user does run the file, it will download a background clicker that uses the Internet connection to generate fake Internet traffic.

"While this activity goes on unseen, additional scamware and spyware programs are downloaded", says the IT security vendor.

The problem, says the firm, is that an unsuspecting user can be compromised in no time, which is why it is recommended to get Adobe Flash updates directly from the source.

What’s Hot on Infosecurity Magazine?