Adobe warns of license key email scam

Adobe warns of license key email scam

Summary: The company has issued a warning that a malicious email campaign is underway using Adobe software licenses as a lure. Adobe calls it a phishing attack, but other reports say it contains a malware attachment.

TOPICS: Security

Adobe is reporting that "...a phishing campaign is underway involving malicious email purporting to deliver license keys for a variety of Adobe offerings."

Based on other reports, such as this one from MX Lab and this one from Cisco Security Intelligence Operations, the emails are not actually a phishing attack, but contain a ZIP file attachment which itself contains a malicious .exe file.

The file names are and License_Key_Document_Adobe_Systems_____.exe.

The email body, as reported by Cisco is thus:

Subject: Download your adobe software

Message Body:


Thank you for buying Digital Publishing Suite, Professional Edition Digital Publishing Suite software.

Your Adobe License key is in attached document below.

Adobe Systems Incorporated


The MX Lab report shows that there are many variations on the email body. They say the EXE file is 209KB. The VirusTotal report for the malware on Friday night showed 27 of the 49 engines detecting the threat using a variety of threat names.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Grammar

    "in attached document below." does not sound like a native or fluent speaker of English.
  • MS OS

    Keep using microsoft product.. for more fun.
  • it's gotten to the point

    that I'm avoiding adobe products by default now
    • No Adobe product involved, just their name.

      It is not compromised Adobe product. It is an infected email masquerading as an Adobe license.

      We must endeavor to keep our facts straight.
  • Why?

    This is just like the "track your shipment" emails. if you didn't purchase this program, why would you open the attachment?
    • Hit and miss.

      With the amount of emails they send at once, they are sure to hit a percentage who did actually buy the software, then a percentage of people who have bad security.

      In the end they might send millions of emails, and actually hit a couple hundred computers, they only need one bank account compromised to make a profit.