Avoiding Adobe Flash Player Scams

Q: Some of the sites I visit ask for Adobe Flash Player in order to run any videos etc. I have gone to the link as well as Adobe and downloaded the player, but it doesn’t seem to be found by the Web sites when I try to run a video. What am I doing wrong? – Kathy

What you likely have done wrong is fall for one of the most common ploys by hackers these days to infect your computer with a worm.

Some time ago, we started seeing various ploys tricking people into installing malicious software into their computer under the auspices of needing an updated Adobe Flash player.

These clever ‘social engineering’ scams generally use salacious or provocative headlines in e-mails, on Web sites, through social media sites or instant messages to get folks to click on the links.

Often times, especially in the case of the ‘KoobFace’ worm commonly via social media sites, the message will suggest that the subject of the video is you, so that you are highly interested in viewing it. (ex: I can’t believe they caught you on camera doing this!)

If they can get you overly concerned about seeing the video, then you’ll likely be too distracted to realize that it’s a scam.

For instance, if you were to look closely at a video that claims to be on Facebook or YouTube, generally speaking you will see a slightly stretched logo or a funny Web address.

The message that tries to hook you will often have misspellings or bad grammar or even broken English.

To make things look more realistic, they generally steal the official Adobe Flash button from the Adobe Web site, so it looks legit when you are told you need the new version of the Flash Player. And if you assume that it must be coming from Adobe since it is their button, they once again got you to let your guard down.

The problem is most folks are so worried about what’s on the video that they blow right past the obvious ‘red flags’ that this may not be legit.

The fact that you go through the download and still can’t see the video is a further indication that you have probably been had.

These infections are called worms, because once they make their way into your computer, they can ‘worm’ through the Internet without any help from humans.

Once you’ve been tricked, the possibilities for what they can or have been doing with your system are endless.

We have seen everything from key loggers to spam engines to botnet agents installed as a result of these scams and none of them are benign.

Make sure you have a technically savvy person examine and clean your system, especially if you use this computer for online banking or other highly sensitive tasks. (If so, immediately change your pass codes from a different computer that you know is clean as a precaution against ID theft.)

In the future, if any site tells you that you need an updated program for ANYTHING, don’t take the sites word for it and don’t accept the sites offerings unless you absolutely trust the source. Remember, creating fake YouTube, Facebook or CNN pages is very easy, so don’t let your eyes fool you!

Instead, manually go to the site for downloading your updates (in this case, you should have gone to Adobe.com to download the latest Flash Player yourself) so you know exactly what is being installed.

If, after you manually update your player, the same site still says you need an update, you’ll know that it’s a scam.

Ken Colburn
Data Doctors Computer Services
Data Doctors Data Recovery Labs
Data Doctors Franchise Systems, Inc.
Weekly video tech contributor to CNN.com
Host of the award-winning “Computer Corner” radio show

Article Written by

  • zenium

    It is this type of social engineer scam that makes me wonder about the long term viability of cloud computing.

  • PhilMB

    One think that has always pissed me off about IE that I don’t seem to have a problem with in Firefox, is the lack of the “Status Bar” at the bottom of the window. Yes, I am aware that you CAN turn it on if it’s not showing – but why is that allowed as a default instead of allowing you to drop it if you need the space?

    Hover your mouse over the link, and the Status Bar will show you the destination URL behind the link. I realise that does not work on buttons, but there are usually other links to touch to confirm the validity.

  • http://facebook Lynda

    I read your warning! I thought as much! On my son’s facebook page (he has special needs that I help facilitate).. a warning came on to download adobe flash player. when you go there.. they it says that you have to sign on to X something or rather… I had Russian trojans last year so I knew enough not to do this. However, now whenever I try to contact his sister on facebook,, this pops up? any ideas on getting rid of it? thanks Lynda

  • Pingback: Chocolate, Flowers and Identity Theft | ProtectMyID

  • Pingback: fsu.edu | The arTech Blog