Best Security Search
Security News

PDF Phishing Scam Campaign Revealed

Computer security experts from the SANS Internet Storm Center published a warning signaling a new PDF phishing scam email campaign that was recently revealed.

SpyHunter anti-malware tool will diagnose all current threats on the computer. By purchasing the full version, you will be able to remove all malware threats instantly. Additional information about SpyHunter / Help to uninstall SpyHunter

Social Engineering Tricks Used In The New PDF Phishing Scam

A new PDF Phishing scam has been identified, the warning came from the SANS Internet Storm Center which issued a public warning about it. According to their bulletin computer criminals have sent out emails against target victims using the subject line Assessment document. The body of the messages contain a single PDF attachment which claims to be locked. The hackers have presented a text message with a link that reads PDF Secure File UNLOCK to Access File Content.

Clicking on this link opens the PDF document using the machine’s default document viewer. A dialog box appears onto the screen which prompts the user to enter their email address and password. According to security experts this PDF phishing scam targets mainly beginner computer users who still inexperienced and do not know much about good security practices. The attackers use this phishing scheme to harvest victim credentials. There could be several implications:

  • The harvested emails can be used to gain access to various work-related information which can be used for malicious purposes or sold to the black market.
  • Accessing one’s email account can reveal sensitive financial information which can be used for money fraud.
  • The compromised email account can be used to launch social engineering attacks against acquaintances of the victim with a high risk of success.

The emails pose as being from a company called VetMeds and the PDF file is identified as a VetMeds assessment. The contents of the PDF document is a SWIFT banking transaction. Some of the victims who open the PDF document in the Adobe Reader program are presented with a security warning box. Users of the Windows 10 operating system by default open PDF files using the Microsoft Edge browser.

At the moment the experts cannot state just how large the phishing campaign actually is. However assume that it can be used to launch other types of attacks soon if another criminal party decides to join in with a modified or updated version of the PDF files and the associated malicious payload.

We remind our readers that binary files that pose as PDF files and other file types of user interest in other cases can lead to dangerous malware infections.

You should use a trusted anti-spyware utility to protect your computer from dangerous viruses.

SpyHunter anti-malware tool will diagnose all current threats on the computer. By purchasing the full version, you will be able to remove all malware threats instantly. Additional information about SpyHunter / Help to uninstall SpyHunter

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.