Home / malwarePDF  

Trojan:Win32/Pdfphish


First posted on 27 January 2017.
Source: Microsoft

Aliases :

There are no other names known for Trojan:Win32/Pdfphish.

Explanation :

This threat is a .pdf file with a malformed hyperlink to phishing websites or other malicious sites. It usually arrives as attachment to spammed email messages.

The following screenshots show sample .pdf content with malicious link:

When you click the link, you are led to led to either a phishing page where you are tricked into divulging sensitive information, such as email credentials. In other cases, you are led to websites where a malware, such as PWS:Win32/Zbot, is hosted.

The following are screenshots of sample phishing sites:





Analysis by Alden Pornasdoro

Last update 27 January 2017

 

TOP