Industry News and Events

SonicWall Detects, Reports Dramatic Rise in Fraudulent PDF Files in Q1 2019

PRESS RELEASE – April 18, 2019

MILPITAS, Calif. — SonicWall Capture Labs threat researchers are reporting a substantial increase of fraudulent PDF files. This fraud campaign takes advantage of recipients’ trust in PDF files as a “safe” file format that is widely used and relied upon for business operations.

“Increasingly, email, Office documents and now PDFs are the vehicle of choice for malware and fraud in the cyber landscape,” said SonicWall President and CEO Bill Conner. “SonicWall Capture ATP with its RTDMI technology is at the forefront of catching new cyberattacks that elude traditional security sandbox technology. For example, in all of last year, our Capture ATP sandbox discovered more than 47,000 new attack variants in PDF files. This year, we’ve already seen that number rise significantly with over 73,000 PDF-based attacks discovered in March alone.”

Last year, SonicWall Real-Time Deep Memory Inspection (RTDMI™) identified over 74,000 never-before-seen attacks, a number that has already been surpassed in the first quarter of 2019 with more than 173,000 new variants detected. In March, the company’s patent-pending RTDMI technology identified over 83,000 unique, never-before-seen malicious events, of which over 67,000 were PDFs linked to scammers and more than 5,500 were PDFs with direct links to other malware.

Targets of the phishing style PDF scam campaigns typically receive malicious documents from "businesses" luring victims with attached PDF files that look deceivingly realistic with misleading links to fraudulent pages. The business offer within the PDF attachment is enticing to recipients, as it promises to be free and profitable with just the click of a link.

Most traditional security controls cannot identify and mitigate links to scams or malware hidden in PDF files, greatly increasing the success of the payload. This increase implies a growing, widespread and effective strategy against small- and medium-sized businesses, enterprises and government agencies.

RTDMI identifies and blocks malware that may not exhibit any detectable malicious behavior or hides its weaponry via encryption. By forcing malware to reveal its weaponry into memory, RTDMI detects and proactively stops mass-market, zero-day threats and unknown malware accurately utilizing real-time, memory-based inspection techniques. RTDMI also analyzes documents dynamically via proprietary exploit detection technology, along with static inspection, to detect many malicious document categories.

About SonicWall

SonicWall has been fighting the cybercriminal industry for over 27 years defending small and medium businesses, enterprises and government agencies worldwide. Backed by research from SonicWall Capture Labs, our award-winning, real-time breach detection and prevention solutions secure more than a million networks, and their emails, applications and data, in over 215 countries and territories. These organizations run more effectively and fear less about security. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

latest stories

  • SonicWallがサイバー攻撃全体の急激な増加について詳細なレポートを発表、企業の潜在的な収益リスクを明らかに
    組織の年間収益の6%以上にサイバー脅威のリスクあり センサーが検知した攻撃時間は125% – 1日(8時間業務)に10回の攻撃を検知 企業は880時間の業務時間の間に平均で1,104時間のクリティカルな攻撃に耐え、46日間のダウンタイムの可能性を回避 マルウェアは5月だけで92%の急増を見せ、前年比30%の増加傾向 ランサムウェアが北米で急増(+15%)、中南米で爆発的増加(...
    Read More
  • SonicWallの脅威データがサイバー攻撃の深刻さと マネージドサービスプロバイダー(MSP)の重要性を明らかに
    サイバー犯罪者の手口の多様化に伴い、侵入の試みの総数が増加(+20%) – 世界中で攻撃が増加 ランサムウェアは年間を通じて増加(下半期は+27%)、夏季がピーク(+37%) クリプトジャックの総数 – 全世界で+659%の急増 IoTエクスプロイト(+15%)と暗号化された脅威(+117%)も増加傾向 SonicWallは29万3,989件の「未知の」マルウェア亜種を発見 ...
    Read More
  • SonicWall、マネージドエンドポイントサービスによってより高い柔軟性を提供する公約を実現
    SonicWallは24時間年中無休のセキュリティオペレーションセンター(SOC)によってマネージド検出/応答(MDR)ソリューションを強化し、一連のマネージドソリューションでパートナーの成長を推進 カリフォルニア州ミルピタス — 2024年2月8日 —SonicWallは、大切なチャネルパートナーからのフィードバックを活用し、MSP向けにカスタマイズされた多数のマネージドサービスを初めて提供する...
    Read More