Cybercriminals are taking advantage of your trust in a widely used file format: PDFs.
According to a new report from Check Point Research, a whopping 22% of harmful email attachments are malicious PDFs. That means more than one in every five malicious attachments your business receives could be a seemingly harmless PDF carrying a dangerous payload.
Why Hackers Are Turning to PDFs To Attack Businesses
Hackers have long favored using files like Word documents or Excel spreadsheets with embedded malware. However, security software (and users) have improved threat detection, resulting in fewer successful attacks. As a result, PDFs, widely used and trusted by businesses, have become the perfect Trojan horse.
Most people don’t think twice before opening a PDF attachment from what looks like a legitimate sender, which is what attackers are counting on.
How Cybercriminals Use Malicious PDFs To Spread Malware
Hiding malware or scripting inside PDFs isn’t new; hackers have long used the files to disseminate harmful JavaScript or other dynamic content. However, because those attacks are easier than ever to detect, they’re less common.
Most attacks using malicious PDFs are difficult to catch because they involve social engineering, disguising the harmful content in an email from what looks like a trusted source or major company. Hackers are sending PDFs that seem to come from major companies like Amazon or DocuSign, which appear legitimate and “safe.”
Criminals typically don’t load harmful code directly into PDFs. Instead, they embed links that appear legitimate but redirect recipients to phishing sites or malware downloads. In other cases, the PDFs contain malicious scripts that exploit software vulnerabilities once opened, potentially giving attackers access to your network.
Protecting Your Business From PDF‑Driven Scams
Cybercriminals use the PDF obfuscation approach to target businesses of all sizes and people in all departments. Research from the Society for Human Resource Management shows that human error is the top cause of data breaches, and it only takes one employee falling for a phishing scam to put your company at risk.
Knowing that PDFs can carry harmful links or exploits is the key to avoiding a security incident. Your employees should always be skeptical of unexpected attachments, even from known contacts. When in doubt, verify the sender before opening.
Other ways to avoid problems include:
- Enabling advanced email security. Invest in email filtering and anti‑phishing tools that detect and eliminate malicious attachments before they reach inboxes.
- Updating software. Keep PDF readers, browsers, and security software current to address known vulnerabilities.
- Using multi‑factor authentication (MFA). Even if an attacker obtains login credentials, MFA adds an essential extra layer of protection.
Check all links before you click on them, too. Hover over any link in a PDF, and if it doesn’t look right, don’t click.
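The same link check can be done on an attachment before anyone opens it. The following Python script is an added example, not code from the original article or the Check Point report: it lists the link targets stored in a PDF, including ones tucked inside compressed streams, and counts the keys that mark scripts or auto-run actions. The function name, the choice of keys, and the sample file are assumptions made for this illustration.

```python
import re
import zlib

# PDF name keys that signal scripts or auto-run actions (this example's choice).
ACTIVE_KEYS = (b"/JavaScript", b"/JS", b"/OpenAction", b"/AA", b"/Launch")
URI_RE = re.compile(rb"/URI\s*\(((?:\\.|[^\\)])*)\)")   # /URI (literal string)
STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.S)


def triage_pdf(data: bytes) -> dict:
    """Return link targets and active-content key counts found in raw PDF bytes."""
    # Scan the file with stream bodies cut out, then each stream that inflates
    # as Flate data: compressed object streams hide links from a plain search.
    chunks = [STREAM_RE.sub(b"", data)]
    for match in STREAM_RE.finditer(data):
        try:
            chunks.append(zlib.decompressobj().decompress(match.group(1)))
        except zlib.error:
            pass  # image data, another filter, or an encrypted stream
    blob = b"\n".join(chunks)
    # Undo backslash escapes such as \) inside the literal string.
    uris = sorted({re.sub(rb"\\(.)", rb"\1", m.group(1)).decode("latin-1")
                   for m in URI_RE.finditer(blob)})
    counts = {k.decode(): len(re.findall(re.escape(k) + rb"(?![A-Za-z])", blob))
              for k in ACTIVE_KEYS}
    return {"uris": uris, "active": {k: n for k, n in counts.items() if n}}


# Constructed sample, not a real attachment; the example.* hosts are placeholders.
_HIDDEN = zlib.compress(b"<< /Subtype /Link /A << /S /URI "
                        b"/URI (https://login.example.test/verify) >> >>")
SAMPLE = (b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\nendobj\n"
          b"2 0 obj\n<< /S /URI /URI (https://www.example.com/invoice) >>\nendobj\n"
          b"3 0 obj\n<< /Filter /FlateDecode >>\nstream\n"
          + _HIDDEN + b"\nendstream\nendobj\n%%EOF\n")

if __name__ == "__main__":
    print(triage_pdf(SAMPLE))
```

A hit is a reason to look closer, not a verdict: compare each listed host with the sender the email claims to be from. Links stored as hex strings and content in encrypted files are not decoded by this script.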