Security experts are warning email recipients of an emerging spam technique that for the first time is attaching PDF files to emails in a new attempt to dodge spam filters.
According to email security vendor Marshal spammers are switching their technique from image spam to PDF attached spam. After struggling to find ways to fool spam filters they are now figuring out new ways of getting their messages across.
“The fact that the message contains a PDF attachment which is a very common business-related file format is designed to lower the recipient’s suspicions that the message might be spam,” said Bradley Anstis director of product management at Marshal.
“With the recent PDF spam outbreak, the spammers have attempted to add credibility and legitimacy to their messages in an attempt to fool users,” said Anstis.
According to a spokesperson for Marshal, users can now expect to see ongoing use of PDF attachments to communicate spam messages.
“The PDF can eventually be used to contain links to websites to malware and can actually be used in many ways,” said Marshal’s spokesperson..
The new technique was detected this week in a recent pump ‘n dump spam outbreak sent to German internet users encouraging them to read an attached PDF file, according to security vendor Sophos.
But Sophos believes the technique can be stopped before causing any major damage. “Not sure how successful they will be by adding the text in the attachment it just means anti-spam vendors have to scan an additional layer,” said Sean Richmond senior technology consultant at Sophos A/NZ.
Emails with PDF attachment form new spam campaign
By Negar Salek on Jun 22, 2007 3:53PM