Skip to Content

Dangerous malware targeting Adobe Flash for Windows, Macs, and Chrome OS

Techniques used by cybercriminals to rip us off are constantly changing.

That’s why it’s so important to stay up to date on the latest attacks. It’s much easier to avoid falling victim to them when you know what to watch for.

Now, a severe vulnerability in Adobe Flash is being exploited by cybercriminals and it could end up costing you big time.

How cybercriminals are exploiting Adobe Flash

What’s happening is, unsuspecting victims are receiving phishing emails that contain malicious Word documents and no one is safe. Users running Windows 10, macOS, Linux and Chrome OS systems are all being targeted.

If you click on the Word doc, you will see a message that says “Online preview is not available. Please enable editing mode to view this document.” It looks something like this:

Image: Example of malicious Word document being spread through phishing emails. (Source: Morphisec)

Warning! If you enable editing mode, hackers could take total control of your gadget.

Typically when a scammer sends a malicious Microsoft Office document, they rely on the recipient to enable Macros. Enabling Macros allows the malicious document to infect the victim’s gadget with malware.

In the attack circulating now, the installed malware exploits a bug recently found in Adobe Flash Player. If you fall for this elaborate phishing scam, the attackers could wind up taking control of your gadget and use stolen data to rip you off.

There are ways to avoid falling victim to this attack

A spokesperson for Adobe told Threatpost, “The majority of exploits are targeting software installations that are not up-to-date on the latest security updates. We always recommend that users install security updates as soon as they are available.”

Beyond having updated software, you also need to beware of phishing scams that are making the rounds and how to defeat them. Keep reading for suggestions.

Do NOT enable macros

You should never download Word or Excel files attached to unsolicited emails to begin with. If you do open one of these documents and it says that you need to turn on macros, close the file and delete it immediately

Be cautious with links

Do not follow unsolicited web links in email messages, it could be a phishing scam. Cybercriminals always take advantage of popular websites and trending news stories to try and find new victims. That’s why you need to be able to recognize a phishing scam.

Phishing attacks are infamous for having typos. If you receive an email or notification from a reputable company, it should not contain typos. Take our phishing IQ test to see if you can spot a fake email.

Have strong security software

Make sure you’re using strong antivirus software on all of your gadgets. And keep them up-to-date for the best protection. This is the best way to keep your device from being infected with malware.

Use unique passwords

Many people use the same password for multiple websites. This is a terrible mistake. If your credentials are stolen from one site and you use the same username and/or password on others, it’s easy for the cybercriminal to get into each account. Click here to find out how to create hack-proof passwords.

Set up two-factor authentication 

Two-factor authentication, also known as two-step verification, means that to log in to your account, you need two ways to prove you are who you say you are. This adds an extra layer of security and should be used whenever a site makes it available. Click here to learn how to set up two-factor authentication.


Have you joined the trend like many others who are turning their place into a “smart home?” It’s so common now it’s opened up a world of virtual assistants. Instead of tapping an app to play your music, then another app to put on your lights, and yet another to turn down the thermostat, you can just do all that from a single home hub. One of the most popular virtual assistants is Amazon’s Alexa. Unfortunately, there’s an issue with Alexa that could make it unsuitable for kids. Click here to find out why you might want to think twice before letting kids have Alexa play their favorite songs.

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days