"Critical Security updates available for Adobe Flash Player for macOS" - looks fake

Report · Feb 15, 2020

I've now received this same email three or four times in the last three months. It looks so legit, but when you actually read the fine print, the English is messed up; they run words together. For example:

"These updates address a critical vulnerability in Adobe Flash Player.
Successful exploitation could lead to arbitrary code..."

The words I underlined above have no spaces in between.

I looked at the bottom of the email to see an address, and there are two. The first says "This is a marketing email from Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA..."

The second address is at the very bottom: "Registered office: Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Park, Dublin 24, Ireland. Registered number: 344992"

I'm not touching it; I keep deleting them, but then I get another identical email three or four weeks later. What the heck?

Report · Feb 15, 2020

This is 99.9% sure to be a fake. Adobe can't stop people sending convincing fakes but if you send it to phishing@adobe.com sometimes they can close down the server so no more people get infected from that email.

That is not to say the message is false. There are many security updates to Flash and it's important to be on top of them. But Adobe won't email to tell you. They recommend you set Flash up for auto-update. If you want the latest go to the official page http://get.adobe.com/flash