A Phishing Trampoline – embedding redirects in PDF documents

August 21, 2015

Via: phishing

Today I ran into a typical fraud email claiming to come from a U.S. bank but with a twist! Analyzing the attachment, it turns out that there’s no malware inside but instead a new middle step to fool lesser security software.

The original file name is “Swift confirmation .pdf” and it was created using Microsoft Word 2010.

So, if it is not malware then what’s the catch?

Well, this is a ‘Mediabox’-clickable document file used to redirect victims to a phishing website.

Read More