Adobe InDesign License Key malware attack spammed out

Filed Under: Adobe, Featured, Malware, Spam

InDesign iconCriminal hackers have spammed out emails which pretend to contain a license key for the desktop publishing program Adobe InDesign.

Their intention? To infect your Windows computer with malware.

The emails pretend to come from Adobe, in a noxious campaign which bears many similarities to the fake Adobe Acrobat Reader updates spammed out yesterday.

A typical message looks like the following:

Adobe InDesign malicious email

Subject: InDesign CS4 License Key

Attached file: License_key_ID[random number].zip

Message body:

Your Adobe CS4 License key is in attached document below.
We encourage you to explore its new and enhanced capabilities with these helpful tips, tutorials, and eSeminars.
Thank you for buying Adobe InDesign CS4 software.

Adobe Systems Incorporated

Sophos detects the malware as the Troj/Bredo-MY Trojan horse.

Remember - computer security is not just about keeping your anti-virus software properly updated. It's also about realising that companies are not in the habit of emailing you unsolicited attachments out of the blue.

, , , ,

You might like

3 Responses to Adobe InDesign License Key malware attack spammed out

  1. Maria · 1361 days ago

    Thanks for the update... I also got a suspicious email from "Adobe Update Notification" this week. The text read:

    Hello Dear,

    Adobe is pleased to announce new version upgrades for Adobe Acrobat Reader and Adobe X Suite Advanced features include:

    - Collaborate across borders
    - Create rich, polished PDF files from any application that prints
    - Ensure visual fidelity
    - Encrypt and share PDF files more securely
    - Use the standard for document archival and exchange

    To upgrade and enhance your work productivity today please open attached file.

    Copyright 2011 Adobe Systems Incorporated. All rights reserved.
    TrackNum: PCLOLS-2024919

    Adobe Systems Incorporated,
    Tue, 6 Dec 2011 14:20:26 +0100

    (I did not open the attachment - your post today confirms that this was a scam...)

  2. artfrankmiami · 1361 days ago

    Luckily I already have the latest version, though I actually prefer QuackDistress better.

  3. Robert Gracie · 1361 days ago

    the way I deal with scammers is very very simple I put all their scam ridden content in my spam folder and its problem solved for me

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley