Just wanted to throw this out to the community.
A few days ago I received a suspicious email that did nevertheless appear to originate from Adobe (the email address was "firstname.lastname@example.org"). It was an invite to view a Lightroom album and I could see from the preview there was also a video file attachment ("My Videos.FwZ.mp4") followed by a tinyurl link. Now alone that is suspect but I also have no reason to be expecting album invites from anyone because A) I do not use Lightroom, B) I do not know anyone who uses Lightroom, C) in fact I do not know anyone who uses Adobe nor is there anyone who should know my status as an ex Adobe subscription user.
I forwarded the email onto the specialised phishing team ("email@example.com") who eventually got back and told me in an a fairly automated way that the item I received did not appear to be a genuine Adobe message. Fine. But in the meantime I also checked it with the Adobe live chat who completely contradicted this and told me explicitly the email was fine to open. This was their verbatim reply after taking about a day to "check" it (the grammatical errors make me think this is all being handled in India?): "Thank you for contacting Adobe, this is to inform you that the email is from Adobe as someone share the Lightroom album access so you can also view there work."
While I appreciate the second reply is not from the phising department, why on earth would they ever be advised to insinuate an email like that is genuine when it blatantly isn't? They clearly just gave it a passing look without investigating or reading my actual chat messages and just took me to be an idiot misreading a Lightroom invite. I obviously didn't click the original invite link in the scam email, but someone else who got the reply from Adobe above may well have done. If so, would Adobe be liable for damage done to a computer/stolen information or card details etc?
Secondly, is it not a little concerning that by the looks of it there are scammers or bot accounts who are present on the Adobe system and seem to have access to users' personal email addresses, thus sending out spoof emails in the hope they'll click a bogus invite link? This seems like quite a serious breach of security yet from the pasted responses I've received it doesn't seem like Adobe particularly car.e
Side note: moderators please move this if this thread is in the wrong section. Not sure where is best but posted it here since it is a Lightroom phishing scam. No idea what tag is best so I just clicked Windows.
Just to add that I received a similar invitation from a Maria Cook on 3rd January
I also received a similar invitation from a Jaqueline Torres
"Rose Martin" for me.
I received the same message from "Emily Pearson". Do not click any links in this email! I was prompted to set up an account so I could view a folder that happened to be very explicit. Unfortunately I fell for it because I had a friend called Emily message me just before that and it caught me off guard. Then they proceeded to send me an email saying they knew what my password was and that if I didn't send them $2500 they would expose the explicit video they sent me to all of my contacts. This is clearly a data breach that Adobe needs to handle.
Good evening I just want to say this happened to my guys phone some Erica Strac something I don't care cause it was a link to a chat site for adults. Or someones photo gallery I got pissed but I see now something else is up.