Monday, December 5, 2022
PDF SCAM - HIDDEN SOURCES OF MALWARE





Phishing scams trick you into believing that a message is legitimate and comes from a trusted source. They are sent by email or SMS (SMS phishing). The malware will extract sensitive data and send out more phishing messages to your contacts.

The PDF Scam: What is it and how to spot it

A series of dialog boxes containing fake passwords appear when the victim logs in to the site. The system requires a password to keep reading but forwards any information to the spammer. The prompt only appears when the document is opened. It appears to be a financial transaction but we don’t know why.

Malicious people will try new methods to successfully trick you. Even if they are unsuccessful, they may be able to use this small uncertainty as a way to execute their plan. They usually hope that you click on the link or download an attachment. This week, we want to take a look at a particularly clever scam that’s going around. Here’s what it looks like and the hidden messages that you don’t always see.

How to Deal With a PDF Scam

The email uses urgency and feelings of concern to encourage you to open the attachment. The attachment is from “Apple account” and the title is “account service”. If you are scammed or hacked, it is impossible to notice the signs right away. The companies that have been breached rely on this fact. The recipient would then see this opening: “We found that there may be suspicious activity in your account. Here is a representative example of the suspected activity.”

Cybercriminals are using Adobe files to help them avoid detection by some email gateways. By placing links inside these PDF files, the cybercriminal makes sure that if you open the PDF and click the link, you are taken to a web page that mimics an authentic one. The best defense against cybercriminals is knowing what tricks they use. Updates to both your operating system and other software are crucial, as is running anti-malware software. If the email looks fishy, just delete it. The attachment may contain malware or bad links that will lead you to a phishing site.

  • Disconnect Your Device

To eliminate the potential risk of hacking, you should immediately disconnect the device from the Internet. If you cannot find your Wi-Fi settings, shut down the router by removing power. This prevents sensitive information from being transmitted off your device and keeps outsiders out of it.

  • Restore Accidentally Deleted Files

If you are disconnected from the Internet, your data might be lost or erased. Back up particularly sensitive files and those that can’t be replaced, such as family photos and videos. Before storing files on a device, we recommend you back up your data. For a low cost, external hard drives and thumb drives can store large amounts of files.

  • Keep malware away

The decision of who cares for your tech device depends on how tech-savvy you are. If you’re not too skilled, take it to a professional–you should ask friends and family for references.

  • Scan your PC

Disconnect it from the internet, even though you may not have an AV on this device. Ignore the error message if it appears. The scan will take some time, so be patient and don’t do anything else on your device.

  • Use Malwarebytes

To avoid downloading malware, we suggest scanning your device with a free program called Malwarebytes. To clean up your infected device, download the program onto a storage device. Then install the Malwarebytes program on the compromised device. It will ask you to update the database, but you will be unable to do that without having access to the internet. Just decline and run a full scan of your PC. This will take some time, depending on what is running on your computer. Be patient and do not interfere with this process as it runs until it completes.

When you run the program again, it will show you what is suspicious and then help clean it up or quarantine it if necessary. It can sometimes be difficult to tell the difference between malware and a normal app, but if you’re still having problems with your device, it’s best to make sure that it’s spotless by taking it to someone who specializes in computers.

Tips to protect and change your credentials
  • Enhance Security

Don’t use the same username and password for all your accounts; doing so makes it easier for criminals to access them.

  • Get a Fraud Alert

It is predicted that over $54 million was lost in phishing attacks in the US in 2020. To be safe and protect yourself, contact one of the major credit bureaus to have a fraud alert placed on your report. This way, when requesting new credit from banks, it will become more difficult for fraudsters to use your information as they will be notified of your fraud alert and need to verify accounts instead of just accepting them.

  • Protect Yourself from PDF scams

The best way to avoid phishing texts and emails is to delete any potentially suspicious messages. Never share sensitive information by email or text; look for other, more secure ways of contact, such as a telephone call. Attackers have been using PDF files to perform phishing campaigns, according to researchers at Palo Alto Networks’ Unit 42. They’ve speculated that it is due to Apple’s more stringent requirements for App Store submissions. This year has seen a 1,160% increase in malicious PDFs.

One of the most common forms of PDF phishing was a fake CAPTCHA that would tell victims to click on “Continue” leading to a malicious site. Another variant had an image that purported to be a coupon, asking for them to click on the image for 50% off of their product.
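The clickable "Continue" button or coupon image described above is stored inside the PDF as a link with a `/URI` action, so a defender can list where a suspicious attachment points without opening it in a viewer. The Python script below is an added example (not code from this article or from Unit 42); the sample bytes and the `example.test` hosts are constructed for illustration.

```python
import re
import zlib
from urllib.parse import urlparse

# PDF keys that run an action without a deliberate click, or run code.
AUTO_KEYS = (b"/OpenAction", b"/AA", b"/JavaScript", b"/JS", b"/Launch")
MAX_INFLATE = 5_000_000  # cap per stream so a decompression bomb cannot exhaust memory
# A PDF name, optionally followed by a literal (parenthesised) string value.
NAME_RE = re.compile(rb"(/[^\s()<>\[\]{}/%]+)(?:\s*\(((?:\\.|[^\\()])*)\))?")

def _plain_name(name: bytes) -> bytes:
    """Undo #xx hex escapes inside a name, so /U#52I reads as /URI."""
    return re.sub(rb"#([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), name)

def triage_pdf(data: bytes) -> dict:
    """List link targets and auto-run keys found in raw and Flate-compressed PDF data."""
    buffers = [data]
    for m in re.finditer(rb"stream\r?\n(.*?)endstream", data, re.S):
        try:
            buffers.append(zlib.decompressobj().decompress(m.group(1), MAX_INFLATE))
        except zlib.error:
            pass  # not Flate data (other filter or encrypted): left unscanned
    urls, auto = [], {}
    for buf in buffers:
        for m in NAME_RE.finditer(buf):
            name, value = _plain_name(m.group(1)), m.group(2)
            if name in AUTO_KEYS:
                auto[name.decode()] = auto.get(name.decode(), 0) + 1
            elif name == b"/URI" and value is not None:
                urls.append(re.sub(rb"\\(.)", rb"\1", value).decode("latin-1"))
    hosts = sorted({urlparse(u).hostname or "" for u in urls})
    return {"urls": urls, "hosts": hosts, "auto_actions": auto}

# Constructed sample (not a real lure): one obfuscated link, one link in a compressed stream.
SAMPLE = (
    b"%PDF-1.7\n1 0 obj << /Type /Catalog /Open#41ction 2 0 R >> endobj\n"
    b"2 0 obj << /Subtype /Link /A << /S /URI /U#52I (https://login.example.test/verify) >> >> endobj\n"
    b"3 0 obj << /Filter /FlateDecode >>\nstream\n"
    + zlib.compress(b"4 0 obj << /S /URI /URI (http://coupon.example.test/50\\(off\\)) >>")
    + b"\nendstream endobj\n"
)

if __name__ == "__main__":
    print(triage_pdf(SAMPLE))
```

This byte-level scan misses links written as hex strings and anything inside encrypted or non-Flate streams, so an empty result does not mean the file is clean.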

There are three types of PDF phishing. The first type was JPG images that looked like paused videos and had a link to a phishing site when the user clicked on them; these were used in the third type of PDF phishing.

The content of these phishing files does not have a specific message, as they are mostly static images. We observed many categories, including nudity and following monetary themes to lure users into clicking the play button.

Educational awareness training can equip your employees with the tools needed to avoid these types of scams. If a person clicks on the phishing scam, it will prompt them to open a PDF file asking permission to redirect them elsewhere. However, regardless of their answer, the victim is redirected to a malicious site. The phishing site does not have this problem with Microsoft Edge as Edge is the default PDF viewer for Windows 10. Why was your account locked or why did someone share a file with you out of the blue?

The researchers concluded that people need to be careful when opening suspicious files. Recently, both the number of phishing attacks and the social engineering vector have increased, with 8% of clicks eventually turning into successful hacking. As such, it is important to double-check any files that you receive unexpectedly, even if they came from a company or person that you know.