Saturday, November 1, 2008

Security alert: don’t install Flash or Acrobat from Web sites


By David Gewirtz

Now that America has decided its new President, the dark underbelly of society has come up with a new social engineering scam designed to separate you from your money, infect your computers, and turn your technology against you. I know. Happy thoughts.

"Downloading Flash and Acrobat from is safe. Downloading these files from anywhere else is not."

There's a new series of email messages going out, number in the millions. These messages have various provocative headlines about the President-elect, Senator McCain, or Governor Palin. They're designed to invite you to open them. Many of them have links to Web sites and those Web sites seem vaguely official.

When you click on the link in the email, you're taken to these official-looking sites, where you're told your version of Flash or your version of Acrobat isn't up-to-date and they offer you the opportunity to download an updated version.

Of course, the software you download isn't Flash or Acrobat, it's something designed to infect your computer. F-Secure, an anti-virus company, reports that many of these are installing Trojan-PSW:W32/Papras.CL, a trojan that hides itself using a rootkit. The trojan attempts to steal confidential information from the computer and upload it to a server in Ukraine.

Special, huh?

So let's go over our list of cautions once again, but we'll lead this time with Acrobat and Flash. Never, ever, ever install Flash or Acrobat from a Web site you're visiting because the site says you need to. If you're not sure you're running the latest version, type directly into your browser's address bar, go to Adobe's site, and download from them.

Downloading Flash and Acrobat from is safe. Downloading these files from anywhere else is not.

Just becuase repetition often leads to learning, let's go over our steps for safe computing once again:

  • Never, ever open email attachments. Ever!
  • Update your computer using Windows Update or the Mac updater (or the updater for your Linus distro, if you swing that way) whenever you're told updates are available.
  • Update your virus definitions daily.
  • Update your anti-spyware definitions daily.
  • Update your browser to Internet Explorer 7 or Firefox 3. These have much better anti-phishing protections.
  • Use a router or firewall. If you don't know what this is, call your ISP and ask them for help. Shouldn't cost you more than $50 and can help keep you safe.

And, once again, don't download Flash or Acrobat from sites other than Adobe. Don't download QuickTime from any site other than Don't open email attachments.

Don't open email messages that look like they're just baiting you. Don't go to questionable Web sites. Don't put your credit card into any site you're not already very comfortable with.

There's more, but that'll get you started for today.