Hook attacks via PDF files: how to protect yourself

Illustration of a computer hacker with a laptop. Source: ONEC1
In a recent report, Zimperium security researchers have identified a new phishing campaign that uses malicious PDFs distributed by SMS and by email.
Here is what we know
These files contain hidden malicious links that redirect users to phishing websites where personal information such as names, addresses and details of credit cards are stolen. The method used by attackers to hide the links is particularly dangerous: instead of using the standard tag /URI, they use graphic overlays, which makes it difficult to detect the threat.
Example of a phishing attack using a PDF file. Illustration: Zimperium
Mobile devices are particularly vulnerable to these attacks due to the reduced size of the screen, which limits the possibility of checking the content of the files before opening them. Zimperium’s survey made it possible to discover more than 20 malicious PDFs and 630 pages of phishing targeting organizations and individuals in more than 50 countries.
To protect yourself against phishing attacks, it is recommended to verify the sender information, including the accuracy of URL of the websites, to avoid opening messages from unknown shippers and to go directly On sites or banking applications rather than following the links appearing in messages.
Source : Zimperium, techradar