Sophos warns fake Adobe upgrade contains Zeus Trojan

Emails purporting to come from Adobe and offering updates for the company's software are fooling people into downloading the Zeus banking Trojan.

Security company Sophos said that the fake upgrades for Adobe Acrobat Reader and Adobe X Suite Advanced are actually an attached ZIP file that downloads a version of the malware, which has been hugely successful in stealing banking information allowing cyber criminals to drain people's accounts.

Graham Cluley, Sophos' senior technology consultant said: "Computer users need to learn that Adobe never sends out software updates as email attachments, and any legitimate upgrades should always be downloaded from Adobe's own website.

"It's trivial for a malicious hacker to forge an email header to trick the unwary into believing an email has been sent from someone else - so just because it claims to be from Adobe, doesn't mean that it was sent by them."

Sophos warned that each email is slightly different, incorporating different reference numbers in the subject line, attached filename and message body.

A cursory look at the message in one of the spam emails that Sophos has posted online shows the usual dodgy wording, especially the greeting:

Hello Dear,

Adobe is pleased to announce new version upgrades for Adobe Acrobat Reader and Adobe X Suite Advanced features include:

- Collaborate across borders
- Create rich, polished PDF files from any application that prints
- Ensure visual fidelity
- Encrypt and share PDF files more securely
- Use the standard for document archival and exchange

To upgrade and enhance your work productivity today please open attached file.

Cluley added: "Hopefully people are beginning to understand the importance of keeping all software patched and up-to-date, not just your security software.

"However, the risk is that less technical-savvy computer users might believe this email is genuine, and be tricked into installing malware onto their computer thinking that it is an official Adobe update."