International. Researchers at SonicWall Capture Labs are reporting a substantial increase in malicious or fraudulent PDF files. This attack campaign leverages recipients' trust in PDF as a "secure" file format that is widely used for day-to-day business operations.
"Increasingly, email, Office documents and now PDFs are the vehicle of choice for malware and fraud in the cyber environment," said SonicWall President and CEO Bill Conner. "SonicWall Capture ATP with its RTDMI technology is at the forefront of capturing these new variants that bypass traditional sandbox security technology. In fact, we discovered more than 47,000 new threats in PDF files over the course of 2018. This year, we've already seen a significant increase in the number with over 73,000 PDF-based attacks discovered in March alone."
Last year, SonicWall's patent-pending Real-Time Deep Memory Inspection (RTDMI) technology identified more than 74,000 never-before-seen attacks, a number already surpassed in the first quarter of 2019 with more than 173,000 variants detected. In March, the same RTDMI technology identified more than 83,000 unique never-before-seen malicious events, of which more than 67,000 were PDFs linked to scammers and more than 5,500 were files of the same type with direct links to other malware.
Users and companies targeted by this style of phishing campaign typically receive malicious documents purporting to come from "other companies": PDF attachments that appear deceptively realistic but contain links to fraudulent pages. The commercial offer inside the PDF attachment is attractive to recipients because it promises something free and cost-effective, just one link and one click away.
Most traditional security controls cannot identify and mitigate links to scams or malware hidden in PDF files, which greatly increases the success rate of the payload. This increase points to a growing, widespread and effective strategy against small and medium-sized enterprises, corporations and government agencies.
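The campaign described above relies on link annotations (URI actions) embedded in otherwise innocuous-looking PDFs, which is exactly the artifact a mail gateway or analyst can look for. The script below is an added illustration, not SonicWall's code or any tool mentioned in the article: it builds a constructed minimal PDF containing one external link, then extracts every `/URI` target (literal and hex string forms) and tallies the action types present, flagging the file when it carries external links or active content. The sample URL, the `triage`/`extract_uris` function names and the "suspicious" heuristic are all assumptions made for this example.

```python
import re
from typing import Dict, List

# Constructed sample: a minimal single-page PDF whose only payload is a
# clickable link annotation pointing at a placeholder external URL
# (the .invalid TLD is reserved and never resolves).
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792]
   /Annots [4 0 R] >> endobj
4 0 obj << /Type /Annot /Subtype /Link /Rect [100 600 400 650]
   /A << /S /URI /URI (http://offer.example.invalid/claim) >> >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""

# /URI (literal string) -- allows escaped parentheses and backslashes inside.
LITERAL_URI = re.compile(rb"/URI\s*\(((?:[^()\\]|\\.)*)\)")
# /URI <hex string> -- an alternative encoding that naive keyword greps miss.
HEX_URI = re.compile(rb"/URI\s*<([0-9A-Fa-f\s]*)>")
# Action dictionaries: /S names the action type. URI opens a link; the
# others execute code, open other files or exfiltrate form data.
ACTION_TYPES = re.compile(rb"/S\s*/(URI|JavaScript|Launch|SubmitForm|GoToR)\b")


def _unescape(s: bytes) -> str:
    # Undo the PDF literal-string escapes \( \) and \\ (enough for URLs).
    return re.sub(rb"\\([()\\])", rb"\1", s).decode("latin-1")


def extract_uris(pdf: bytes) -> List[str]:
    """Return every URI action target found in the raw PDF bytes.

    Assumption: objects are not inside compressed object streams (PDF 1.5+);
    a production scanner would decompress streams first before matching.
    """
    uris = [_unescape(m.group(1)) for m in LITERAL_URI.finditer(pdf)]
    for m in HEX_URI.finditer(pdf):
        hexdata = re.sub(rb"\s", b"", m.group(1)).decode("ascii")
        uris.append(bytes.fromhex(hexdata).decode("latin-1"))
    return uris


def triage(pdf: bytes) -> Dict[str, object]:
    """Summarise link and action indicators for a quick gateway decision."""
    actions: Dict[str, int] = {}
    for m in ACTION_TYPES.finditer(pdf):
        name = m.group(1).decode("ascii")
        actions[name] = actions.get(name, 0) + 1
    uris = extract_uris(pdf)
    external = [u for u in uris if u.lower().startswith(("http://", "https://"))]
    # Heuristic (assumption for this example): any outbound link or any
    # code-executing action is enough to route the file to deeper analysis.
    suspicious = bool(external) or any(k in actions for k in ("JavaScript", "Launch"))
    return {"uris": uris, "external_links": external,
            "actions": actions, "suspicious": suspicious}


if __name__ == "__main__":
    result = triage(SAMPLE_PDF)
    for url in result["external_links"]:
        print("external link:", url)
    print("actions:", result["actions"], "suspicious:", result["suspicious"])
```

The value of this check is that it works on the document structure rather than on rendered appearance, so a link labelled as an invoice or offer still surfaces as an outbound URL that can be compared against a reputation feed or simply shown to the recipient. Its limit is the one noted in the code: attachments that wrap their objects in compressed object streams need to be decompressed (for example with a PDF parsing library) before the same patterns apply.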
RTDMI identifies and blocks malware that may not display any detectable malicious behavior or that hides its weaponry through encryption. By forcing malware to reveal its weaponry in memory, RTDMI proactively stops mass attacks, zero-day threats and unknown malware, because it relies on real-time, memory-based inspection rather than on observable behavior alone.
RTDMI also analyzes documents dynamically through proprietary exploit detection technology, along with static inspection, to detect many categories of malicious documents.