Phishing attacks have evolved considerably over the years. The good news is that those ransom letters from Nigerian ‘princes’ are now few and far between. The bad news is they’ve been replaced by a subtler, harder-to-trace new breed of phishing scams. Intellesec explores how PDFs have become the hacker’s weapon of choice and explains how to keep your business safe with managed Palo Alto firewalls and SentinelOne endpoint security.
If you thought phishing scams were a thing of the past, we’ve got news for you: they’re not. Quite the opposite in fact. Not only are phishing attacks on the rise, but they’re becoming increasingly more sophisticated and harder to detect. The fact is that cybercriminals are constantly sharpening their phishing hooks with innovative new tactics and casting them out into the direction of unsuspecting businesses and their staff.
How fraudsters use PDFs to reel in victims
One of the challenges facing small business owners (and indeed managed security service providers like us) is the constantly evolving threat landscape. For instance, HMRC detected a 73% rise in email phishing attacks during the first six months of the global pandemic. With restrictions easing, and that window of opportunity shrinking, scammers have already moved on. Presently to weaponise the humble PDF it seems.
According to Palo Alto’s cybersecurity branch, the number of fraudulent PDF files in circulation over the course of 2020 grew by 1,160 percent compared to the previous year. To put that into context, PDF-based phishing went from 411,800 attacks in 2019 to well over five million twelve months later. In many cases, PDF files are used to redirect traffic to a malicious website – often via one or more gating websites to evade antivirus software.
Palo Alto’s findings suggest that the most popular phishing tactic – used in nearly 40% of phishing attack attempts – is the fake CAPTCHA. These phishing scams lure unsuspecting users to verify themselves through a fake CAPTCHA that employs a clickable image within a PDF file that reroutes them to a malicious domain. Other popular PDF phishing scams include fake coupons, fake play buttons and file sharing variations.
Protect your business from phishing attacks
The bottom line is that phishing scams are here to stay. They’re only increasing in number and severity. But Intellesec can help you to protect your business from the growing threat. We offer multi-faceted protection through managed Palo Alto firewalls and SentinelOne endpoint security.
Furthermore, these sophisticated cybersecurity solutions can not only prevent users from visiting new and parked domains or destructive malware from being downloaded when a user visits a malicious domain, in the rare event that malware should evade these first lines of defence, SentinelOne reverses and removes any malware activity before it has a chance to cause any harm. So with Intellesec by your side, you’ll never have to worry about the latest phishing scams again.
We have the technology and vast industry experience to ensure your business, network, computers and servers are safe, secure and harder to breach. For more information about our cyber security solutions, please contact Intellesec today on 0116 3266123 or email hello@intellesec.co.uk.