Some Skype users have reported seeing malicious ads inside their Skype clients in recent days that lead to a site that tries to download a fake Adobe or Java update.
Users in the Skype community forum on Monday said that they have been seeing a banner ad that, if clicked on, will lead to a dodgy site that attempts to install software that’s disguised as either an Adobe or Java update. This is a common tactic for attackers using malicious ads in a variety of contexts. They often will try to entice users to click on an ad or link by telling them that they need to update a common piece of software, often Adobe Flash, Java or QuickTime.
In this instance, the ads are appearing in users’ Skype clients, informing them that some content requires an Adobe update. The text of the ad has some misspellings and doesn’t really look like a dialog box that Flash would show a user. But for users who may be unfamiliar with genuine update mechanisms, it could be effective. Users in the Skype forum said that following the link in the ad takes victims to a site that tries to install an app on their machines.
