Tue Feb 04 2025

Millions at risk due to the flooding of malicious PDF files in SMS inboxes, poised to steal your data.

Trusted PDFs become dangerous as smaller screens face a greater risk.

A recent study has revealed that a new phishing campaign is affecting businesses and individuals in over 50 countries. Experts warn that attackers are using an innovative obfuscation technique to hide malicious links in PDF files, which have historically been considered safe and reliable for sharing documents.

Research from zLabs, part of Zimperium, indicates that this type of threat involves the delivery of malicious PDFs via SMS messages, where senders impersonate the United States Postal Service (USPS). Using advanced techniques, attackers hide malicious links in these files, taking advantage of the trust users have in this format to steal sensitive information.

Reports indicate that this campaign targets both organizations and individuals, with more than 20 dangerous PDF files and 630 phishing pages identified so far. The attacks begin when the victim clicks on the hidden link in the PDF, which typically requests personal information such as names, addresses, and credit card details.

Mobile devices are considered especially vulnerable to this type of attack, as users have limited visibility of the file's content on smaller screens before opening it. Moreover, malicious links in these PDFs are harder to detect because attackers do not use the standard /URI tag to embed links, allowing them to evade detection by traditional security software.
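A defensive heuristic for the evasion described above, as an added example that is not code from zLabs or this article: it lists URLs that appear anywhere in a PDF, including inside Flate-compressed streams, but are not declared by any /URI action. The function names, the `example` domains and the sample bytes are constructed for illustration, and the "URL outside /URI" rule is an assumption about what a scanner could check, not a description of the campaign's exact method.

```python
import re
import zlib

URL_RE = re.compile(rb"https?://[^\s<>()\[\]\"']+", re.I)
URI_ACTION_RE = re.compile(rb"/URI\s*\(((?:\\.|[^\\)])*)\)")
STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.S)


def expand_streams(pdf: bytes) -> bytes:
    """Raw file bytes plus the inflated form of every Flate stream."""
    parts = [pdf]
    for m in STREAM_RE.finditer(pdf):
        try:
            parts.append(zlib.decompressobj().decompress(m.group(1)))
        except zlib.error:
            pass  # other filter or uncompressed: raw bytes already scanned
    return b"\n".join(parts)


def urls_outside_uri_actions(pdf: bytes) -> set:
    """URLs present in the file that no /URI action declares."""
    data = expand_streams(pdf)
    declared = {m.group(1) for m in URI_ACTION_RE.finditer(data)}
    found = {m.group(0).rstrip(b".,;") for m in URL_RE.finditer(data)}
    return {u.decode("latin-1") for u in found - declared}


def sample_pdf(hidden: bool) -> bytes:
    """Constructed PDF-like bytes: one declared /URI link, plus (if hidden)
    a URL that exists only as page text inside a compressed stream."""
    text = b"BT /F1 12 Tf (Track your parcel) Tj ET"
    if hidden:
        text = b"BT /F1 12 Tf (https://tracking.example.invalid/pay) Tj ET"
    body = zlib.compress(text)
    return (b"%PDF-1.7\n1 0 obj << /Type /Annot /Subtype /Link "
            b"/A << /S /URI /URI (https://www.example.org/help) >> >> endobj\n"
            b"2 0 obj << /Length " + str(len(body)).encode()
            + b" /Filter /FlateDecode >>\nstream\n" + body
            + b"\nendstream endobj\n%%EOF\n")


if __name__ == "__main__":
    for flag in (False, True):
        print(flag, sorted(urls_outside_uri_actions(sample_pdf(flag))))
```

A non-empty result is a signal for closer review rather than a verdict, and the sketch does not decode hex-encoded strings or stream filters other than Flate.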

Nico Chiaraviglio, Chief Scientist at zLabs in Zimperium, commented that although USPS is not involved, cybercriminals exploit the name of this institution to deceive and trap users. This campaign highlights the increasing sophistication and ongoing rise of "mishing" attacks, underscoring the need for proactive security measures for mobile devices.

To protect against these types of attacks, it is essential to verify the sender's details and the metadata of any attachment before opening it. Additionally, it is advisable to avoid clicking on links embedded in PDFs or SMS messages; instead, it is better to access the official website directly or use the mobile app of the organization. It is also recommended to use good antivirus software for Android or iPhone to stay protected against malware on mobile devices.