IS IT SAFE TO OPEN A PDF YOU RECEIVE VIA AN EMAIL?
I was asked the question recently, "is it safe to open a PDF you receive via email?"
If the email is from someone you know AND you are expecting to receive the PDF, then it is generally safe to open the PDF. You'll notice I capitalised the 'AND'. I'll come back to this in a moment.
There is one situation where you shouldn't open a PDF. That is when you receive a file which looks like a PDF, displays an icon which indicates the file is a PDF, has a filename ending in .PDF, but in reality it is an executable malware program simply designed to look like a PDF file. The second situation is if you have the full version of Adobe Acrobat installed which enables you to create PDFs. Past media reports have reported PDFs have been crafted to take advantage of flaws in the full version of the Adobe Acrobat software to infect computers with malware. Generally if you only have Acrobat Reader installed and it is a real PDF, I've not seen people infect their computers. This isn't to say it can't happen, just that I've not seen it happen across my clients.
Now back to the reason I've capitalised the 'AND'. More recently there has been a social engineering technique used with French speaking organisations which I thought was interesting and shows how easy it is for a stranger to get past our defences.
The accounting and finance department employees were called and asked if they could process an invoice sent by email. The attackers would obtain their victims number and email which is generally easy to find. They would call and then send a follow up email which increased the chances of a successful attack.
In this case we could say the employees are receiving emails from someone they now know and are expecting to receive the email, but in reality they don't really know the person.
I always suggest to clients to turn on the option to show filename extensions. By default with Windows, the filename extension is not shown and people can receive a file which looks like invoice.pdf, when it is actually invoice.pdf.exe and the file is an executable file which is usually malware. By showing the filename extension it makes it easier to spot attachments which may be malware.
Whilst up-to-date antivirus software should be considered mandatory on your computer, the reality is new malware is released every day that isn't picked up by antivirus software and the only protection you have is you, so it is wisest to treat all attachments with caution, even from people you know.
Mob: 0415 910 703