Industry News and Events

SonicWall Detects, Reports Dramatic Rise in Fraudulent PDF Files in Q1 2019

PRESS RELEASE – April 18, 2019

MILPITAS, Calif. — SonicWall Capture Labs threat researchers are reporting a substantial increase of fraudulent PDF files. This fraud campaign takes advantage of recipients’ trust in PDF files as a “safe” file format that is widely used and relied upon for business operations.

“Increasingly, email, Office documents and now PDFs are the vehicle of choice for malware and fraud in the cyber landscape,” said SonicWall President and CEO Bill Conner. “SonicWall Capture ATP with its RTDMI technology is at the forefront of catching new cyberattacks that elude traditional security sandbox technology. For example, in all of last year, our Capture ATP sandbox discovered more than 47,000 new attack variants in PDF files. This year, we’ve already seen that number rise significantly with over 73,000 PDF-based attacks discovered in March alone.”

Last year, SonicWall Real-Time Deep Memory Inspection (RTDMI™) identified over 74,000 never-before-seen attacks, a number that has already been surpassed in the first quarter of 2019 with more than 173,000 new variants detected. In March, the company’s patent-pending RTDMI technology identified over 83,000 unique, never-before-seen malicious events, of which over 67,000 were PDFs linked to scammers and more than 5,500 were PDFs with direct links to other malware.

Targets of the phishing style PDF scam campaigns typically receive malicious documents from "businesses" luring victims with attached PDF files that look deceivingly realistic with misleading links to fraudulent pages. The business offer within the PDF attachment is enticing to recipients, as it promises to be free and profitable with just the click of a link.

Most traditional security controls cannot identify and mitigate links to scams or malware hidden in PDF files, greatly increasing the success of the payload. This increase implies a growing, widespread and effective strategy against small- and medium-sized businesses, enterprises and government agencies.

RTDMI identifies and blocks malware that may not exhibit any detectable malicious behavior or hides its weaponry via encryption. By forcing malware to reveal its weaponry into memory, RTDMI detects and proactively stops mass-market, zero-day threats and unknown malware accurately utilizing real-time, memory-based inspection techniques. RTDMI also analyzes documents dynamically via proprietary exploit detection technology, along with static inspection, to detect many malicious document categories.

About SonicWall

SonicWall has been fighting the cybercriminal industry for over 27 years defending small and medium businesses, enterprises and government agencies worldwide. Backed by research from SonicWall Capture Labs, our award-winning, real-time breach detection and prevention solutions secure more than a million networks, and their emails, applications and data, in over 215 countries and territories. These organizations run more effectively and fear less about security. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

latest stories

  • SonicWall 위협 데이터로 드러난 사이버 공격의 깊이 - 높아지는 관리형 서비스 제공자(MSP)의 필요성
    총 침해 공격 건수 증가(+20%), 위협 행위자의 전술 다각화 - 전 세계에서 공격 증가 랜섬웨어는 한 해 내내 거셌으며(하반기 +27%) 여름철에 절정(+37%) 총 크립토재킹 공격 건수 – 전 세계에서 +659% 급증 IoT 취약점 공격(+15%)와 암호화된 위협(+117%)도 상승세 '기존에 없었던' 맬웨어 변종 SonicWall...
    Read More
  • SonicWall, 관리형 엔드포인트 보안서비스로 확대하고 있습니다,
    SonicWall은 파트너 성장을 더욱더 촉진하기 위해 연중무휴24x7 보안운영센터(SOC)를 갖춘 관리형 탐지 및 대응(MDR) 제품군을 새롭게 확장합니다. 캘리포니아주 밀피타스 — 2024년 2월 8일 —소중한 채널 파트너의 피드백을 반영하여 SonicWall은 오늘, MSP를 위해 맞춤 구성된 여러 관리형 서비스가 제공된다고 발표했습니다. SonicW...
    Read More
  • SonicWall, 검증된 클라우드 보안 업체를 인수함으로써 SASE 오퍼링 가속화
    SonicWall, 현대적 원격 근무를 위한 클라우드 보안 플랫폼 역량을 배가하기 위해 Banyan Security 인수 캘리포니아주 밀피타스 — 2024년 1월 3일 — 세계를 선도하는 사이버 보안 기업인 SonicWall은 오늘, 현대적인 근무 환경 역량 강화를 위해 SSE(Security Service Edge) 솔루션의 선도적 업체인 Banyan S...
    Read More