SonicWall Reports Dramatic Rise in Fraudulent PDF Files in Q1 2019
Last year, SonicWall Real-Time Deep Memory Inspection (RTDMI) identified over 74,000 never-before-seen attacks, a number that has already been surpassed in the first quarter of 2019 with more than 173,000 new variants detected.
Threat researchers at SonicWall Capture Labs have reported a substantial increase of fraudulent PDF files. These fraud campaigns have been taking advantage of recipients’ trust in PDF files as a “safe” file format that is widely used and relied upon for business operations.
Interestingly, last year, SonicWall Real-Time Deep Memory Inspection (RTDMI) identified over 74,000 never-before-seen attacks, a number that has already been surpassed in the first quarter of 2019 with more than 173,000 new variants detected. In March, the company’s patent-pending RTDMI technology identified over 83,000 unique, never-before-seen malicious events, of which over 67,000 were PDFs linked to scammers and more than 5,500 were PDFs with direct links to other malware.
It is pertinent to mention here that various targets of the phishing style PDF scam campaigns typically receive malicious documents from “businesses” luring victims with attached PDF files. These PDF files look deceivingly realistic with misleading links to fraudulent pages. Mind you that the business offer within the PDF attachment is enticing to recipients. It promises to be free and profitable with just the click of a link.
Debasish Mukherjee, Country Director -India & SAARC, SonicWall, said that oganizations routinely depend upon files and attachments, such as word documents, PDF which have become vulnerable to unsuspecting malware attacks. In this scenario, it is critical to block infections before it reaches epidemic proportions. SonicWall’s patent-pending Real-Time Deep Memory Inspection™ (RTDMI) is one of the solutions that can mitigate hidden malware contained in the files.
Most of the traditional security controls cannot identify and mitigate links to scams or malware hidden in PDF files, thereby greatly increasing the success of the payload. This increase, in turn, reflects a growing, widespread and effective strategy against small and medium-sized businesses, enterprises and also government agencies.
RTDMI identifies and blocks malware that may not exhibit any detectable malicious behavior or hides its weaponry via encryption. RTDMI detects and proactively stops mass-market, zero-day threats and unknown malware accurately utilizing real-time, memory-based inspection techniques,--all by forcing malware to reveal its weaponry into memory. RTDMI also analyzes documents dynamically via proprietary exploit detection technology, along with static inspection, to detect many malicious document categories.