…there are a number of other potential risks from offers like this (as I’ve pointed out before) … Paying for software that’s actually free and for services that aren’t worth the money … Paying for software that turns out to be malicious … Parting with credit card and other data that might be misused…

Larry Seltzer and David Phillips have kindly sent me the full text of the fake Adobe update messages I previously mentioned…

Larry Seltzer posted an interesting item yesterday.  The article on "SW Tests Show Problems With AV Detections " is  based on an "Analyst's Diary" entry called "On the way to better testing." Kaspersky did something rather interesting, though a little suspect. They created 20 perfectly innocent executable files, then created fake detections for ten of them.

In view of some of the discussion generated by Randy's blog on PayPal's "confession" of "phishing", it's refreshing to see a straightforward summary of the issue from the estimable Larry Seltzer for PC Mag (see http://blogs.pcmag.com/securitywatch/2009/12/paypal_admits_to_phishing_its.php?sms_ss=twitter). PayPal's view of the issue seems equivocal. They've gone to some lengths to dismiss this issue as the agenda of