January 7, 2019
We have become aware that hackers impersonating Magento, an Adobe Company, are sending emails that contain malware to merchants and agencies using Magento products.
The malicious email references the availability of a critical Magento security update. Customers who receive one of these emails should delete it immediately without downloading attachments or following hyperlinks that may be included in the message. Authentic updates for Magento are only available for download on the Magento website at https://magento.com/security/patches.
For more information on protecting yourself from phishing attempts, please visit https://blogs.adobe.com/security/tag/phishing.
This is another reminder of the importance of following strong security practices. Please review and follow the security best practices posted on the Magento Security Center.