PDF Files Laced with Spam | eWEEK Labs | eWeek

PDF Files Laced with Spam

Jul 20, 2007
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

MX Logic has reported a 25 percent increase in spam volume, in particular spam that uses text in PDF attachments. According to Sam Masiello, director of threat research for MX Logic, tainted PDF documents are the evolutionary next step for image-based spam. The reason: The converters needed to open the PDF document in order to use OCR technology to scan the document and check for spam aren’t yet widely used in anti-spam tools. Masiello thinks that will change and so do I. This latest tactic–using text in PDF document attachments–will likely be curtailed soon as anti-spam and mail security tools spin up PDF converters and start running filters over the contained images and text. However, social engineering and the PDF’s reputation as a trusted information source are likely big reasons why spammers are using the file format. In my experience, subject lines and file attachments that resemble the subjects and files I use in my daily work life are much more likely to get me to click “open.” This doesn’t always work. E-mail messages addressed to me that are supposedly from coworkers who long ago stopped working at Ziff Davis immediately get zapped when I’m going through my inbox. The same goes for e-mail that claims to be coming from me. But a message with a terse note from my editor with a PDF attachment? Yeah, I’d likely open that message. The reason: I trust PDFs because, in the past, PDF files sent to me have always contained information that I needed. (For one thing, page proofs for the print version of eWEEK magazine are sometimes sent to me in PDF format.) Masiello, when I asked him to speculate about the next step for PDF spam, said after .zip attachments to mail messages lost their appeal because of user training, password-protected .zip attachments–where the password was included in the mail message, usually with the advice to use the enclosed password to open the supposedly encrypted .zip file–became the all the rage. Maybe we’ll see password-protected PDFs next. I’d hate to see the day, however, when I stop opening PDFs attached to mail messages the way I stopped opening .zip files.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.