Watch Out for Nasty PDFs in your Email

As many of my readers know, I keep in touch with various computer security lists and try to winnow out the really nasty ones that might affect even careful people.

It's not that I distinguish careful from not-so-careful people - just that everyone should be on the lookout for nasty things in general using their common sense - don't allow your email program to open attachments on its own or bring in web pages on its own - and don't open or retrieve stuff from anyone who you have not checked with some other way is actually sending you something.

It's kind of like the difference between the US/European way of "detecting" terrorists on our airplanes vs. the way that the Israelis do it:

The US/Europeans check every piece of luggage, scan all your shoes, and now want to scan your body with full body scanners - they look for everything everywhere. This wastes a lot of manpower and as we've seen this past Xmas, it is not all that effective - but it sure uses up a lot of manpower and you spend hours in the lines.

The Israelis check you 6 times from the time you get to the airport to the time you get on the plane - but each and every time they look in your eyes, because that is where they see whether you are truly just a passenger, or are someone trying to hide something. Their airport waiting time is less than 30-40 minutes. I know - I've been through it.

Read this article for more on the difference as far as the airlines is concerned

You need to "look in the eyes" of everything on the internet that has the potential to damage you and your computer - look at what it is that it is trying to do.

Read on for details of this nasty-gram

PDF, virus, anti-virus, internet storm center, SANS, israelification, airport security, email security, facebook, viagra, attachments, webThe Internet Storm Center is detailing a surge in nasty PDF attachments to email that is not detected by most of the virus scanners they test (only 6 out of 40)

The documents exploit a vulnerability in Adobe Reader and Acrobat 8.0 through 9.2 and maybe earlier versions. The emails have been seen starting in December and continuing to date.

Subjects of these PDFs include:

• note200911.pdf
• note_20091210.pdf
• Outline of Interview.pdf
• merry christmas.pdf
• and one with Chinese characters in it - which unless you're Chinese I'd hope you would not open in any case

I've received several of these myself - along with a huge number of "New login system" from facebook (and Facebook account update and others) as well the typical batch of viagra and other drug ads.

The spammers and hackers are getting better. More and more of their messages are evading the spam checkers as being composed of legitimate-sounding prose. The hackers and others wanting you to open their attachments are also getting better at masking themselves behind what appears to be legitimate incoming email and legitimate web sites and ads. 

The bottom line is - keep your Anti-Virus up to date but use your common sense - even the AV people don't always get it right.

Tag: pdf virus anti-virus internet storm center sans israelification airport security email security facebook viagra attachments web