Answers...

to commonly asked questions.

It's dangerous to go alone...

So this just came in to me today: an email suggesting that I update Adobe Flash. It's a critical update…


Screen Shot 2020-02-14 at 8.08.26 AM

On the surface it looks legit but no no no! Let's take a minute to see ways we can spot this terrible scam.
By hovering over the incoming address and clicking the right corner of the email address, you will see the actual email address, not just the name associated with it. In this case, there are two s's in the name. Adobe would not send from this address.



Moving on, you see the very inviting download button, but hovering over it reveals the actual link you would be going to. Notice the spelling here. .gq would not be an Adobe URL.
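The two checks described above (the real sender address behind the display name, and the real destination behind the download button) can also be run on the raw message. This is an added example, not part of the original post: the sample message, its address and its URL are constructed, and treating adobe.com as the only legitimate Adobe domain is an assumption.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the only domain the real brand sends from and links to.
BRAND, BRAND_DOMAINS = "adobe", {"adobe.com"}

# Constructed sample message; the address and URL are made up for this example.
SAMPLE = """\
From: "Adobe Flash Player" <update@adobess.example>
Content-Type: text/html; charset="utf-8"

<a href="http://flash.constructed-example.gq/get">Download</a>
"""

def in_domains(host):
    # Exact domain or a true subdomain; "adobe.com.something.gq" does not count.
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)

class LinkCollector(HTMLParser):
    """Collect every link target: what hovering over a button would reveal."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hrefs.append(href)

def check_message(raw):
    """Return ("sender" | "link", value) findings for mail that names BRAND."""
    msg = message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(str(msg["From"]))
    findings = []
    if BRAND not in display.lower():
        return findings  # the display name does not claim to be the brand
    if not in_domains(addr.rpartition("@")[2]):
        findings.append(("sender", addr))  # real address behind the name
    body = msg.get_body(preferencelist=("html",))
    collector = LinkCollector()
    collector.feed(body.get_content() if body else "")
    for href in collector.hrefs:
        host = urlsplit(href).hostname
        if host and not in_domains(host):
            findings.append(("link", host))  # real destination of the link
    return findings
```

Calling `check_message(SAMPLE)` returns one finding for the sender address and one for the link host.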



But let's say you even go so far as to click that link. What happens next?

Screen Shot 2020-02-14 at 8.10.17 AM

It takes you to another very convincing site that looks exactly like something you would really see if you were updating Flash by Adobe. But look closer. The URL at the top bar is some garbage link. This is all baiting you in. They've stolen the logos and design from Adobe's site and made their own scam site in hopes that you'll click the next download button. So what if you did click that?



If you're running the latest version of macOS Catalina, you'd see this new window. It's your computer telling you something is about to download. In this case "mysslgo.com" is pure garbage. If you don't know what it is, don't allow it. That's the general rule we should all be following. But what if you do allow it?



You'd then see a file in your downloads with some bogus name like the one above. The good news here is that nothing bad has really happened to you yet. But you're very, very close to the Sun right now. If you've fallen this far, there's a good chance you'll just keep going. Eventually your computer will try to stop you once again by asking you, the boss, to allow this terrible thing by entering your admin password. The bad guys can't install anything on your computer without you granting permission. The whole scam is to convince you that this install really needs to happen.

The fact that the bad guys use the word "Flash" is beside the point. They are only using that word because they know we've become conditioned over the last several years to updating Flash. (Side note: Adobe is no longer supporting actual Flash updates and it will be phased completely out of browsers this year.) They could use any word like firewall, security, open port, dark web, or anything else to try to frighten you into interacting with their links.

If you are ever in doubt, simply take a screenshot (command+shift+4), then drag over the area you'd like to capture. Send that screenshot to me and I'll give you my thoughts. 9/10 times it's fake.

You are your best defense. Don't type in your admin password unless you have a good reason to do so.
