Watch out - those PDFs lurking in your inbox could be a major security risk

2 weeks ago 9

(Image credit: Getty Images)

Phishing emails carrying PDF attachments are on the rise, report warns
Check Point highlights how hackers love PDFs for customization
Social engineering attacks using PDFs are also on the rise

At least one in every five phishing emails carries a .PDF attachment, researchers are saying, warning that the popular file format is being increasingly used in social engineering attacks.

A new report from Check Point Research claims PDF-based attacks now account for 22% of all malicious email attachments, making them particularly concerning for businesses sharing large quantities of these files every day.

In earlier years, many of the attacks relied on JavaScript or other dynamic content being embedded within the files. While this approach is still seen in the wild, it has become less common, since JavaScript-based attacks tend to be “noisy” and easier to detect by security solutions.

Email remains one of the most popular attack vectors out there, with more than two-thirds (68%) of cyberattacks beginning this way.

Customizing the link

Today, cybercriminals are pivoting towards a simpler, more effective approach, Check Point says - social engineering.

Generally speaking, the attacks don’t differ much from your usual phishing email. The PDF attachment would serve as a launch pad, often carrying a link that would redirect a person to a malicious landing page or a website hosting malware.

That way, the malicious links are hidden from security filters, making sure the files are received straight to the inbox.

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Furthermore, placing the link in a PDF gives the attackers full control - they can change the text, the image, or any other aspect of the link, making it more trustworthy.

The files are often designed to mimic trusted brands like Amazon, DocuSign, or Acrobat Reader.

“Even though these attacks involve human interaction (the victim must click the link), this is often an advantage for attackers, as sandboxes and automated detection systems struggle with tasks that require human decision-making,” Check Point concluded.

Private API keys and passwords found in AI training dataset - nearly 12,000 details leaked
We've rounded up the best password managers
Take a look at our guide to the best authenticator app

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read Entire Article