Here’s How You Get A Virus!

Ever wonder how computer viruses propagate through the Internet? I just got an email which may shed some light. Go ahead and click the image at the top of this entry so you can get a better look (looking at my image won’t give you a virus–honest).

The email looks like it’s coming from Adobe and it references Acrobat, a product which gets updated interminably! You’ve been softened up because everything looks right. It is not.

Even the URL you click on looks right… until you look closer. It’s not going to adobe.com, but adobe-reader-upgrades.info.

I did a “whois” search. Here’s what I found:

Domain ID:D36817246-LRMS
Domain Name:ADOBE-READER-UPGRADES.INFO
Created On:16-Feb-2011 22:20:23 UTC
Last Updated On:16-Feb-2011 22:20:33 UTC
Expiration Date:16-Feb-2012 22:20:23 UTC
Sponsoring Registrar:Regional Network Information Center, JSC dba RU-CENTER (R383-LRMS)
Status:CLIENT TRANSFER PROHIBITED
Status:TRANSFER PROHIBITED
Registrant ID:CRABZUX-RU
Registrant Name:redacted
Registrant Organization:redacted
Registrant Street1:2938 Avenue Street
Registrant Street2:
Registrant Street3:
Registrant City:New York
Registrant State/Province:
Registrant Postal Code:20394
Registrant Country:US
Registrant Phone:+1.8778663849

This domain was created Wednesday night at 5:20 PM EST (22:20 UTC) at a Russian registrar. Obviously the rest of the info is bogus!

The server that answers when you enter adobe-reader-upgrades.info is also in Russia, in Vladivostok.
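
The two checks described above (which domain the link's host really belongs to, and how recently that domain was registered), as an added Python example that is not part of the original post. The link URL, the check date and the 30-day threshold are assumptions made for illustration.

```python
from datetime import datetime, timezone
from urllib.parse import urlsplit

# Lines copied from the whois record quoted in the post.
SAMPLE_WHOIS = """Domain Name:ADOBE-READER-UPGRADES.INFO
Created On:16-Feb-2011 22:20:23 UTC
Sponsoring Registrar:Regional Network Information Center, JSC dba RU-CENTER (R383-LRMS)"""
# Constructed values: the post names only the domain and gives no check date.
SAMPLE_URL = "http://adobe-reader-upgrades.info/"
AS_OF = datetime(2011, 2, 18, tzinfo=timezone.utc)

def host_of(url):
    """Lower-cased hostname of a link, without port or trailing dot."""
    return (urlsplit(url).hostname or "").rstrip(".").lower()

def belongs_to(host, trusted_domain):
    """True only for the trusted domain itself or one of its subdomains."""
    return host == trusted_domain or host.endswith("." + trusted_domain)

def whois_created(record):
    """Parse the 'Created On:' line in the format the record above uses."""
    for line in record.splitlines():
        key, _, value = line.partition(":")
        if key.strip().lower() == "created on":
            parsed = datetime.strptime(value.strip(), "%d-%b-%Y %H:%M:%S UTC")
            return parsed.replace(tzinfo=timezone.utc)
    return None

def assess_link(url, trusted_domain, brand, whois_record, as_of, max_age_days=30):
    """Return the reasons a link fails the checks (empty list: none found).
    max_age_days=30 is an assumed threshold, not a figure from the post."""
    host, reasons = host_of(url), []
    if not belongs_to(host, trusted_domain):
        reasons.append(f"{host} is not {trusted_domain} or a subdomain of it")
        if brand in host:
            reasons.append(f"'{brand}' appears in a host outside {trusted_domain}")
    created = whois_created(whois_record)
    if created is not None and (as_of - created).days < max_age_days:
        age = (as_of - created).days
        reasons.append(f"domain was registered only {age} day(s) before the check")
    return reasons

if __name__ == "__main__":
    for reason in assess_link(SAMPLE_URL, "adobe.com", "adobe", SAMPLE_WHOIS, AS_OF):
        print("-", reason)
```

The host comparison matches on a dot boundary, so a name that merely contains or ends with the trusted string is still treated as a different domain.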

This email is well done. Kudos to the crooks! It’s beautifully engineered to gain your trust.

Is this legal? Probably not, but exactly who is going to police this after the close of business across Europe and a good part of the United States? By the time this is stopped the damage will be done. Hundreds or thousands of computers will be infected.

In the end this isn’t evil for evil’s sake, but evil for money’s sake.

13 thoughts on “Here’s How You Get A Virus!”

  1. You might want to blur out your email address in the screen capture. Unless that’s a throwaway address that you don’t really use.

    1. Keith – Between my gmail and geofffox.com addresses I get 1,500 to 2,000 spam emails a day. They are well filtered.

      My email address already appears on every page of this website.

      Geoff

  2. When I get an email like that I always delete it. In this day and age, most software will tell you when you use it that an update is available and offer to download and install the update from within the program so that is what I rely on.

    And being that Acrobat is free, do you even need to register it and provide an email address? I don’t remember, but I don’t believe that you do.

  3. The worst virus I ever got was from YouTube. I went to click on a video and a screen came up and said I needed to upgrade my Flash program to view this. That’s what I did. It literally took over the computer; even my Kaspersky couldn’t stop it. It filled the screen with a virus warning and to give them my credit info to purchase a program to remove it. I tried shutting down the computer and restarting. The screen telling me to beware of a virus on my computer was there asking for my credit card. I had to format and start over.
    The sender address in the example above looks a bit suspicious to me.

  4. I’d like to say that I’d catch this as I’m pretty vigilant when it comes to my computer. Guess the BEST thing anyone can do when they receive emails that send you to a company’s website is close the email and type the website in your browser’s address bar.

    Guess that’s what I should start doing now. Thanks for the reminder, Geoff!

  5. How does this make money for the virus-spreader? Call me stupid, but…well, don’t really, but I don’t understand the PURPOSE of all these viruses.

    1. Laurie – They might install software to get your bank password. They could turn your computer into a ‘zombie’ to send spam. Some install software that compromises your PC then sell the software to remove it!

      It’s business. Crooked business, but business!
