Stealing corporate credentials is a lucrative business in the underground markets. Threat actors have been found to go to various lengths to obtain those. Now, another group of cybercriminals has been observed impersonating Adobe online services and using fake notifications to lure their victims. According to Kaspersky researchers, messages inside the phishing emails claim that a file has been shared using Adobe PDF online service. However, this service name does not exist. It is suspected to be impersonating genuine services, such as Acrobat online or Document Cloud.
The use of malicious PDF files in phishing emails is prominently displayed in several recently observed attacks. A lot of incidents have witnessed attackers using PDF files to target unsuspecting users. Phishing emails spoofing the names of well-known software to fool recipients is a common yet effective threat. A common set of security hygiene measures can greatly reduce the risk of infection from this threat. Companies can protect themselves by providing training to their employees about spotting phishing attacks. Moreover, they can use anti-phishing solutions and use security products with anti-phishing components.
For more Information: Click Here