• Posted Sept. 14, 2015, 2:36 p.m. - 7 years ago

Managing Malware & Virus Risks in PDF Documents


Whilst we boast that Infix is immune to all PDF viruses, not all PDF viewers or editing programs can say the same and it’s important that users are aware of what to look out for when they receive a PDF that contains multimedia content and/or hyperlinks (2 of the most common causes of malware spread via a PDF document).

•    Multimedia Content
Any type of multimedia within a PDF, such as movies or MP3 files can be a target for hackers to infiltrate with a malware attack. The content incorporated may play as normal, but behind the scenes the malware code will spread as soon as the content is executed, leaving the device that is being used open to infiltration if no protection is in place.

•    Hyperlinks
It’s common to use hyperlinks within digital documents, not just PDFs but other file types including Word and Excel. These are often targeted by PDF hackers to take users not to the specified URL within the document, but a third party infected website that will download malware to the user’s device as soon as the page is opened. This can be disguised by something as innocent as a redirect process that covers up the true nature of the site being opened.


Checking Content

If you have a PDF sent to you that you haven’t created personally, it’s best to exercise caution. Before clicking on a hyperlink, hover over it and see what URL it brings up. If the URL doesn’t match the hyperlink text, or is to a website that bears no relevance to the document, it has a risk of linking to an infectious website. Try typing the suspicious domain into a search engine and seeing if anyone else has flagged it as a problem – but unless you have very good antivirus and malware protection on your machine, don’t visit the website itself. Contact the original sender of the PDF and ask them to verify the identity of the link before opening it – or their own identity, if you don’t know them.

Preventing Attacks

•    The majority of threats come from PDFs sent via email from unknown senders – these can be named anything from odd query strings of letters and numbers to something as innocuous as “invoice” – depending on the hacker, they’ll be trying to get the PDF opened by as many people on their mailing list as possible. Most antivirus programs will flag a suspicious PDF and move it to Spam or alert you accordingly, but if you are using a webmail based email client, this isn’t as simple. If you’re not expecting a PDF attachment, or receive one from an unknown sender, don’t open it.
•    If you see a PDF on a website, don’t automatically assume it’s safe to download. Websites can be hacked without any outward sign of problems, and PDFs uploaded that contain viruses or malware without the site owner’s knowledge. If the site looks at all untrustworthy, or the PDF is included on a page at random, don’t open it. If you want a copy of what you think the PDF is offering, contact the website owners – if they’re legit, they’ll be only too happy to help!
•    Set your computer to ask you every time what program to open a PDF in. that way, if you do accidentally open one from an email or website you think you can’t trust, you can cancel the request before it autoloads.
•    As the Javascript contained within a PDF can also be infected, set your PDF reader to disable Javascript automatically. This means some of the features may not work until it’s enabled again, but it also protects against any automated Javascript processes loading and infecting your device.