why all the .pdf e-mails?

[Steve T]

Just a general question for the group regarding spam/viruses. Is it just me
or is there a sudden massive increase in .pdf file attachments in everybody
else's e-mails too? I run Mailwasher Pro so I delete these at the server
before they get to me. Is there some kind of virus or something circulating
out there in the guise of a .pdf file? I probably get about 30 a week.
Thanks, Steve T.

 

[Ghostrider]

Just a general question for the group regarding spam/viruses. Is it just me
or is there a sudden massive increase in .pdf file attachments in everybody
else's e-mails too? I run Mailwasher Pro so I delete these at the server
before they get to me. Is there some kind of virus or something circulating
out there in the guise of a .pdf file? I probably get about 30 a week.
Thanks, Steve T.

Don't know and don'care. But remember the basic rule of managing e-mails:
Do not open any that is questionable. And yes, these *.pdf e-mails have
become quite prevalent.

 

[Shenan Stanley]

Just a general question for the group regarding spam/viruses. Is it
just me or is there a sudden massive increase in .pdf file
attachments in everybody else's e-mails too? I run Mailwasher Pro
so I delete these at the server before they get to me. Is there
some kind of virus or something circulating out there in the guise
of a .pdf file? I probably get about 30 a week. Thanks, Steve T.

Spammers are pumping out junk in the form of PDF attachments as of late.
These are 'harmless'(in a system security sense) in the fact that they are
what are known as 'pump and dump' scams - or...

1. Scammers buy worthless stock at a very low price
2. Fake email is sent to millions of people, claiming the stock is projected
to move
3. People buy into the scam, and thus buy the stock, thereby raising the
price
4. The scammers sell off their holdings for a hefty profit
5. The victims are left holding worthless stock

 

[Ken Blake, MVP]

Just a general question for the group regarding spam/viruses. Is it just me
or is there a sudden massive increase in .pdf file attachments in everybody
else's e-mails too? I run Mailwasher Pro so I delete these at the server
before they get to me. Is there some kind of virus or something circulating
out there in the guise of a .pdf file? I probably get about 30 a week.

Yes, there's been a recent big increase in such spam. Just ignore it,
as you should all spam, and do *not* open the attachments.

I'm not sure whether the attachments are infected, but I have no
interest in finding out, and won't open them. I never open
attachments at all, except from a *very* few trusted sources, and then
only when I'm expecting them.

 

[C J.]

Spammers are pumping out junk in the form of PDF attachments as of late.
These are 'harmless'(in a system security sense) in the fact that they are
what are known as 'pump and dump' scams - or...

1. Scammers buy worthless stock at a very low price
2. Fake email is sent to millions of people, claiming the stock is
projected to move
3. People buy into the scam, and thus buy the stock, thereby raising the
price
4. The scammers sell off their holdings for a hefty profit
5. The victims are left holding worthless stock

Exactly... I see about 3 -5 of those PDF ones in my junk box daily. Since
I've been known to share the wealth - I usually forward these "stock tips "
to my enemies weekly... in bulk. 8D

 

[Larry Mauriello]

That is exactly how my a/v / spyware s/w works. 99% of these emails
containing .pdf go right into spam folder. Any that are missed I just
delete. I delete anythng I don't recognize.

 

[Daave]

Spammers are pumping out junk in the form of PDF attachments as of
late. These are 'harmless'(in a system security sense) in the fact
that they are what are known as 'pump and dump' scams - or...

1. Scammers buy worthless stock at a very low price
2. Fake email is sent to millions of people, claiming the stock is
projected to move
3. People buy into the scam, and thus buy the stock, thereby raising
the price
4. The scammers sell off their holdings for a hefty profit
5. The victims are left holding worthless stock

You know, if you could time it right, you could sell short!

 

[Vanguard]

Just a general question for the group regarding spam/viruses. Is it
just me or is there a sudden massive increase in .pdf file attachments
in everybody else's e-mails too? I run Mailwasher Pro so I delete
these at the server before they get to me. Is there some kind of virus
or something circulating out there in the guise of a .pdf file? I
probably get about 30 a week.

Because many spam filters will not open .pdf file to interrogate their
content. Plus that content can be a graphical image rather than
readable (and parsable) text which means the spam filter can't see into
that content. Some spammers started sending image (as attachments) to
their spew to hide the content from spam filters. PDF gives them a
double-layered approach to hide the content that spam filters can't
recognize but your eyes can. By requiring the use of document viewing
applications (Adobe Reader), spammers were attempting to bypass the text
and image scanning engines in anti-spam programs. This PDF-laden spam
started in late June.

 

[RalfG]

It may be more serious than that. There is a PDF exploit:

http://news.netcraft.com/archives/2...e_in_pdf_reader_could_expose_local_files.html

 

[Vanguard]

It may be more serious than that. There is a PDF exploit:

http://news.netcraft.com/archives/2...e_in_pdf_reader_could_expose_local_files.html

Geez, look at the article's datestamp of 2 YEARS AGO. If the Abode
Reader user hasn't performed a product upgrade since then then they
probably haven't done updates to Windows, anti-spam database,
anti-virus, anti-malware, and other security software in as along. Such
a user deserves what they get for not staying current.

 

[Gary S. Terhune]

Just because the article and info is two years old doesn't mean there aren't
new ones that have kept ahead of the curve.

 

[Vanguard]

in message

Just because the article and info is two years old doesn't mean there
aren't new ones that have kept ahead of the curve.

So how does a 2-year article indicate that there are new vulnerabilities
reported in newer articles? I will say, however, that seeing an article
about a really old vulnerability may get the OP to do a Google search on
more recent ones.

 

[M.I.5¾]

in message news:[email protected]...


Geez, look at the article's datestamp of 2 YEARS AGO. If the Abode Reader
user hasn't performed a product upgrade since then then they probably
haven't done updates to Windows, anti-spam database, anti-virus,
anti-malware, and other security software in as along. Such a user
deserves what they get for not staying current.

My company is so on the ball that we are running Acrobat Reader V6, so we're
all right.

 

[RalfG]

Someone in this thread stated that PDF attachments were harmless spam. That
isn't neccessarily true.

For a lot of people "Adobe reader" is just some junk they never use that was
already on the computer when they got it. Whether they meticulously do
updates or not, nobody "deserves" to be victimized. Right now only version 8
of Adobe reader might be exploit safe.

 

[Shenan Stanley]

Someone in this thread stated that PDF attachments were harmless
spam. That isn't neccessarily true.

For a lot of people "Adobe reader" is just some junk they never use
that was already on the computer when they got it. Whether they
meticulously do updates or not, nobody "deserves" to be victimized.
Right now only version 8 of Adobe reader might be exploit safe.

I would say Acrobat 8.1.0 - not just 8...

And it was not stated that all PDF attachments were harmless - that the
current round of 'pump and dump' scam PDFs were harmless. As with anything
else - that can change within moments. ;-)

 

[cquirke (MVP Windows shell/user)]

On Tue, 10 Jul 2007 13:11:07 -0400, "RalfG"

It may be more serious than that. There is a PDF exploit:

http://news.netcraft.com/archives/2...e_in_pdf_reader_could_expose_local_files.html

There's also "by design" exploitability built into Acrobat "reader":
- JavaScript
- launches other non-.PDF files
- "multimedia operations"

These settings can, and IMO should, be neutered via Edit, Preferences.

These facilities are already used commercially in dubious ways, e.g. a
"service" that can alert you whenever someone reads your .PDF
(implying "call-home" behaviour within Acrobat Reader).

So far, the recent barrage of .PDF attachments - which I would not
open - have been "flat" (non-malware) stock-boosting scams.