Sophisticated PDF Phishing Scam Bypasses Mobile Security

2025-02-01

A novel phishing scam targeting mobile devices uses a never-before-seen obfuscation technique to hide links to fake United States Postal Service (USPS) pages within PDF files. By manipulating PDF elements, the attackers make clickable URLs invisible to both users and mobile security systems, which lets the files evade detection by several endpoint security solutions. The malicious PDFs are sent via SMS and pose as failed delivery notifications. The links are embedded in a compressed stream, hidden by matching font and background colors, and positioned under an image. Tapping a seemingly innocuous "Click Update" button activates the hidden link to a spoofed USPS site, leading to data theft. More than 20 variations of the malicious PDFs and 630 phishing pages, supporting 50 languages, suggest international targeting and the potential use of a phishing kit. The campaign shows how mobile users' trust in PDFs can be exploited and underlines the need for enhanced mobile security measures.
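
A defender-side check for the hiding method described above, added here as an example and not taken from the reported research: it inflates a PDF's streams and reports URLs that become visible only after decompression. It assumes the streams are Flate (zlib) compressed, which the summary does not specify; the sample PDF fragment and its `.example` domain are constructed.

```python
import re
import zlib

# Stream bodies sit between "stream" and "endstream" inside a PDF object.
STREAM_RE = re.compile(rb"(?<!end)stream\r?\n(.*?)endstream", re.DOTALL)
URL_RE = re.compile(rb"https?://[^\s()<>\[\]]+", re.IGNORECASE)


def find_urls(data: bytes) -> set:
    """All URLs that a plain byte scan of `data` can see."""
    return {m.decode("latin-1").lower() for m in URL_RE.findall(data)}


def inflate_streams(pdf: bytes):
    """Yield the inflated body of each stream zlib can decode (assumed Flate)."""
    for match in STREAM_RE.finditer(pdf):
        try:
            # decompressobj ignores the end-of-line bytes left before "endstream"
            yield zlib.decompressobj().decompress(match.group(1))
        except zlib.error:
            continue  # image codec, encrypted data or an uncompressed stream


def hidden_urls(pdf: bytes) -> list:
    """URLs found only inside compressed streams, never in the raw file bytes."""
    visible = find_urls(pdf)
    inside = set()
    for body in inflate_streams(pdf):
        inside |= find_urls(body)
    return sorted(inside - visible)


def build_sample() -> bytes:
    """Constructed PDF fragment: one white-on-white URL in a compressed stream."""
    content = b"BT 1 1 1 rg /F1 12 Tf 72 700 Td (https://delivery-update.example/track) Tj ET"
    packed = zlib.compress(content)
    head = b"%PDF-1.7\n1 0 obj\n<< /Length " + str(len(packed)).encode()
    head += b" /Filter /FlateDecode >>\nstream\n"
    tail = b"\nendstream\nendobj\n2 0 obj\n<< /S /URI /URI (https://www.usps.com/) >>\nendobj\n"
    return head + packed + tail + b"%%EOF\n"


if __name__ == "__main__":
    for url in hidden_urls(build_sample()):
        print("URL visible only after inflating streams:", url)
```

A URL that appears only after inflation is a triage signal rather than a verdict, since legitimate PDFs also compress their content streams.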