Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Flash Player scam charges victims for free program via SMS

The scam has appeared on a Russian social network and charges $3 for a bogus activation code

A creative scheme that charges people via SMS for what should be a free copy of Adobe Systems' Flash player is apparently undergoing a test run on a Russian social network, according to security vendor Bitdefender.

The scam was uncovered after one of Bitdefender's customers found a suspicious link to a Flash Player update on Vkontakte, a social networking service for Russian speakers, said Bogdan Botezatu, senior e-threat researcher for Bitdefender.

If clicked, the link leads to the Flash Player application, but a drop-down menu then asks what country the user is located in as well as for their mobile phone number and operator. Adobe does not ask for any of that information during a normal installation.

If the person is located outside of Russia, the installer instructs the person to send a message to a short code in order to receive an "activation" code to use the program, Botezatu said. People in the U.K., are charged £1.50 for the SMS or around $3 in the U.S., he said.

Russian users are not charged, perhaps because the scam would be reported quickly to authorities, Botezatu said. The scammers have apparently signed up for SMS payment processing services for countries such as the U.K. According to the drop-down menus, the scammers have arranged for SMS payments on networks including O2, Vodafone and Orange as well as AT&T in the U.S.

The scam isn't widespread yet, which Botezatu said may mean the scammers are conducting a trial run to see how well it works before hitting other social networking sites such as Facebook.

Offering downloads of Adobe products is a frequently used ruse to manipulate users. Often, malware will be substituted for a legitimate Adobe download, but this case appears to be just a money spinner.

"There is no other piece of malware bundled with the file," he said. "They only try to squeeze the money through the premium SMS scheme."

Botezatu said Bitdefender notified O2 about the scam. The company has included screenshots on its blog.

Send news tips and comments to jeremy_kirk@idg.com

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Adobe, Adobe Systems, etwork, Facebook, O2, Orange, Vodafone
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Adobe Systems, bitdefender, security
Latest Blog Posts
Whitepapers
  • Data Center Physical Infrastructure: Optimising Business Value
    To stay competitive in today’s rapidly changing business world, companies must update the way they view the value of their investment in data center physical infrastructure (DCPI). No longer are simply availability and upfront cost sufficient to make adequate business decisions. Agility, or business flexibility, and low total cost of ownership have become equally important to companies that will succeed in a changing global marketplace.
    Learn more »
  • Case Study: NZ Bus Develops Applications 60% Faster, Improves Database Performance by up to 35%
    Key Benefits: Developed applications 60% faster, Created development and test environments in minutes compared to days and weeks previously, Reduced server costs by 30% with server virtualisation, Saved NZ$40,000 in database administrator training costs, Provided high availability features that keep the database and core applications up and running in the event of a server failure, Introduced compression capabilities that improved database performance by 30% to 35%. Read on.
    Learn more »
  • Webcast: Innovation Driving UC Everywhere: From Mobile to the Cloud and Beyond
    Polycom announced it is acquiring HP's Visual Collaboration Business Unit, including HP's Halo products and Managed Services, and the two companies have entered into a deep strategic agreement through which Polycom will become HP's exclusive partner for telepresence and video UC solutions. This will create an end-to-end UC solution that will deliver to our joint customers an unparalleled user experience, interoperability, investment protection, and ease of deployment. Watch this webcast.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.