A common social engineering trick on GitHub: The user downloads a Adobe_Activator.zip file. Inside is a Readme.txt telling them to visit a link to get the "password." That link is often a phishing site or a link-shortener that pays the scammer per click.