PDF files are increasing as “weapon” from CyberrataqueCheck Point researchers warn. According to advanced data by experts, PDF files are already 22 % of all the harmful attachments that are published by email.
The situation becomes more complicated when it comes to More than 87 % of PDF institutions are used as a standard commercial communication coordinationWith the opening of more than 400 billion files last year and the editing of 16 billion documents at Adobe Acrobat.
Cyber Security Company provides this Internet criminals may resort to advanced technologies to circumvent. The researchers have identified multiple harmful campaigns that were not observed by traditional security solutions without any registered discovery in Virustotal during the past year.
Click on the pictures to see in more detail
But why are PDF files very attractive to electronic criminals? Experts explain that although it is easy to use, this is a kind of complex file for automatic systems. A mixture of the user and the complexity of safety systems is what makes it attractive to the attackers.
Check Point emphasizes that in recent years, PDFS has become more advanced. In the past, Internet criminals explore the known weaknesses in PDF readers. But now, with the presence of the latest readers, especially those who open the files as prior, the approach has become less effective for large -scale attacks.
Instead of exploring safety failure, attackers are now betting on social engineering tactics. One of the most common techniques is the link -based campaigns. In these cases, PDF has a link to the hunting site or to empty harmful files.
In addition, the link is often accompanied by a picture or text to persuade users to click. The images concerned often imitate well -known brands, such as Amazon, Docusign, or Acrobat Reader. In these cases, since the attacker controls all the elements, including linking, text and image, it is easy to change any part quickly, making campaigns more difficult to discover them.
To avoid detection, Internet criminals are constantly adapting their tactics. Among the most common tactics is to evade URLs, by re -guiding to “hide” the final destination, QR symbols, or even phone calls. Emphasis on fixed analysis, as well as automatic learning systems used in safety tools, and the use of techniques such as turmoil, filters and complex structures to hide malicious intentions.
To be safe from attacks with PDF files, experts recommend this Always check the messages and email messages you receive. You must also Unexpected accessoriesPass with the index about the link before clicking on Check the full URL addressand Use a safe PDF reader And maintain Always update systems and programs.
