Subject<\/strong>: PLEAESE REVIEW DOCUMENT.<\/p>\n\n\n\n
![\"\"](\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2026\/01\/1-9-26-adobe-phish.png\")
<\/figure>\n\n\n\nWhere did the link lead?<\/p>\n\n\n\n
The link leads to liderwll-refrigeracao[.]com[.]br instead of Adobe Document Cloud but attempts to mimic the look and feel of Adobe. This should be suspicious. The page prompts you to download something. <\/p>\n\n\n\n When clicking the link to download the document, it triggers a download of a file called “adobe_reader.msi” which is not a document. Files with the extension .msi or .exe are for installing software on Windows. Use caution before ever opening or executing these as it may install malware on your device. In this instance, though the file name seems to indicate Adobe Reader would be installed, the file is in fact malicious software. When installing software, always go to the known website for the application. Notice the URL is not on an Adobe website. <\/p>\n\n\n\n Tips for Detection<\/p>\n\n\n\n Text of Phishing Message<\/p>\n\n\n\n From<\/strong>: Ricks[@]checkprocessors[.]com Hello,<\/p>\n\n\n\n I\u2019ve shared a document with you for review. Because the file was too large to attach, I uploaded it to Adobe Document Cloud instead.<\/p>\n\n\n\n Please use the link below to view the document, and let me know if you have any trouble accessing it. Original Phishing Message From: Ricks[@]checkprocessors[.]comSubject: PLEAESE REVIEW DOCUMENT. Where did the link lead? The link leads to liderwll-refrigeracao[.]com[.]br instead of Adobe Document Cloud but attempts to mimic the look and feel of Adobe. This should be suspicious. The page prompts you to download something. When clicking the link to download the document, it triggers a […]<\/p>\n","protected":false},"author":521,"featured_media":1403,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3],"class_list":["post-1402","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1402","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=1402"}],"version-history":[{"count":1,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1402\/revisions"}],"predecessor-version":[{"id":1406,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1402\/revisions\/1406"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/1403"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=1402"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=1402"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=1402"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"\"](\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2026\/01\/1-9-26-adobe-phish-link-1-1024x471.png\")
<\/figure>\n\n\n\n![\"\"](\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2026\/01\/1-9-26-adobe-phish-link-2-1024x387.png\")
<\/figure>\n\n\n\n\n
Subject<\/strong>: PLEAESE REVIEW DOCUMENT.<\/p>\n\n\n\n
ADOBE DOCUMENT
Thank you.<\/p>\n","protected":false},"excerpt":{"rendered":"