Hidden in Plain Sight: PDF Mishing Attack
Essential information
- Published
- 27/01/2025 20:08
- Modified
- 27/01/2025 20:43
- Tags
- 2025-01-27 credential-theft pdf phishing
- Related entities
- 200 observables, 9 techniques (mitre), 1 others
Description
A sophisticated phishing campaign targeting mobile devices has been discovered, impersonating the United States Postal Service (USPS). The campaign uses a novel obfuscation technique in PDF files to hide malicious links, making detection difficult for many security solutions. The attack exploits users' trust in PDF documents and leverages advanced social engineering tactics. The malicious PDFs contain hidden, clickable elements that redirect users to phishing pages designed to steal personal and financial information. The campaign's infrastructure includes over 20 malicious PDF files, 630 phishing pages, and potential impact across 50+ countries. The attackers use multilingual support and encryption techniques to expand their reach and protect their operations.