Industry News and Events

SonicWall Detects, Reports Dramatic Rise in Fraudulent PDF Files in Q1 2019

PRESS RELEASE – April 18, 2019

MILPITAS, Calif. — SonicWall Capture Labs threat researchers are reporting a substantial increase of fraudulent PDF files. This fraud campaign takes advantage of recipients’ trust in PDF files as a “safe” file format that is widely used and relied upon for business operations.

“Increasingly, email, Office documents and now PDFs are the vehicle of choice for malware and fraud in the cyber landscape,” said SonicWall President and CEO Bill Conner. “SonicWall Capture ATP with its RTDMI technology is at the forefront of catching new cyberattacks that elude traditional security sandbox technology. For example, in all of last year, our Capture ATP sandbox discovered more than 47,000 new attack variants in PDF files. This year, we’ve already seen that number rise significantly with over 73,000 PDF-based attacks discovered in March alone.”

Last year, SonicWall Real-Time Deep Memory Inspection (RTDMI™) identified over 74,000 never-before-seen attacks, a number that has already been surpassed in the first quarter of 2019 with more than 173,000 new variants detected. In March, the company’s patent-pending RTDMI technology identified over 83,000 unique, never-before-seen malicious events, of which over 67,000 were PDFs linked to scammers and more than 5,500 were PDFs with direct links to other malware.

Targets of the phishing style PDF scam campaigns typically receive malicious documents from "businesses" luring victims with attached PDF files that look deceivingly realistic with misleading links to fraudulent pages. The business offer within the PDF attachment is enticing to recipients, as it promises to be free and profitable with just the click of a link.

Most traditional security controls cannot identify and mitigate links to scams or malware hidden in PDF files, greatly increasing the success of the payload. This increase implies a growing, widespread and effective strategy against small- and medium-sized businesses, enterprises and government agencies.

RTDMI identifies and blocks malware that may not exhibit any detectable malicious behavior or hides its weaponry via encryption. By forcing malware to reveal its weaponry into memory, RTDMI detects and proactively stops mass-market, zero-day threats and unknown malware accurately utilizing real-time, memory-based inspection techniques. RTDMI also analyzes documents dynamically via proprietary exploit detection technology, along with static inspection, to detect many malicious document categories.

About SonicWall

SonicWall has been fighting the cybercriminal industry for over 27 years defending small and medium businesses, enterprises and government agencies worldwide. Backed by research from SonicWall Capture Labs, our award-winning, real-time breach detection and prevention solutions secure more than a million networks, and their emails, applications and data, in over 215 countries and territories. These organizations run more effectively and fear less about security. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

latest stories

  • SonicWall 威脅資料揭示網路攻擊深度;促進對託管服務提供商 (MSP) 的需求
    隨著威脅行為者採取多樣化策略,總體入侵嘗試量攀升 (+20%) - 全球攻擊數量增加 勒索軟體全年加劇 (2 小時內增加 +27%),在夏季達到頂峰 (+37%) 騎劫挖礦總量 – 全球激增 +659% 物聯網漏洞利用 (+15%) 和加密威脅 (+117%) 也呈上升趨勢 SonicWall 發現了 293,989 種「前所未見」的惡意程式變體 – 每天 805 種 加利...
    Read More
  • SonicWall 履行承諾,透過託管式端點服務提供更大靈活性
    Sonicwall 透過 24/7 安全運營中心 (SOC) 擴展託管式偵測及回應 (MDR) 解決方案,透過託管式解決方案套件推動合作夥伴發展 加利福尼亞州米爾皮塔斯 — 2024 年 2 月 8 日 — 根據其重要的通路合作夥伴之意見反應,Sonicwall 今日宣布其首次提供多項專為 MSP 量身定製的託管服務。SonicWall 將端點供應商新增至其託管式偵測及回應 (MDR) 解決方案,...
    Read More
  • SonicWall 加快發展 SASE 產品;收購可靠的雲端安全提供商
    SonicWall 透過收購 Banyan Security 強化其針對現代遠端辦公員工的雲端安全平台 加利福尼亞州,米爾皮塔斯 — 2024 年 1 月 3 日 — 全球網路安全領導者 SonicWall 今日宣佈收購 Banyan Security,一家為現代員工提供安全服務邊緣 (SSE) 解決方案的領先提供商。此次收購強化了 SonicWall 的產品組合,為正在替換 SSE 解決方案(包...
    Read More