The last few months have seen a big increase in malware attacks using PDF email attachments, according to security firm SonicWall. There’s nothing new in this, of course, but many recent attacks have relied on getting users to click links in emails leading to infected webpages instead of requiring them to open an attachment, as was traditional.
Over the course of 2018, SonicWall detected 47,000 new attack variants using PDFs, while they observed more than 73,000 of these variants last month alone. 67,000 of these PDFs linked to scammers, while 5,500 contained links to malware downloads.
In many cases, targeted PDFs use zero-day exploits for browsers in order to increase the probability of a successful attack as on-the-ball businesses now patch their systems more quickly to protect against known exploits. Other attacks have been known to nick login details by tricking the user into opening malicious PDFs that use remote document loading mechanisms to capture and leak your credentials.
Most of the attacks observed by SonicWall simply used PDFs to smuggle malicious links through email security filters. Many security filters struggle to analyse content inside PDFs, so an attacker stands a better chance of getting through to their victim if they place the link in one of these files. SonicWall CEO Bill Conner said that PDFs are increasingly becoming a “vehicle of choice for malware and fraud in the cyber landscape,” alongside emails and Office documents.
SonicWall’s report naturally pushes its own security solutions for the issue, but that’s a notable uptick in PDF attacks, nonetheless. The firm, which was bought by Dell in 2012 and then spun out four years later, sells hardware, software and cloud-based security products to small and medium firms and government agencies.
SonicWall notes that PDFs are generally thought of as a safe file type, so users often don’t hesitate to open them. Given the pervasiveness of PDFs within corporate and government environments, employees need to know how to avoid these attacks. New-school security awareness training can give your employees a thorough, up-to-date education about the threats they face.