PDF malware continues to multiply

 

PDF malware keeps infecting PC users through fake letters with an infected Adobe .PDF file attached. While security experts say this kind of attack is nothing new, many people still report getting malware after being convinced to open a letter from a legitimate-looking company and save its attachment, presented as a receipt, ticket or other document, with the infected .PDF file inside. Getting infected is very simple because the email always tells its recipients what to do: they are asked to open the file and save it on their desktop.

Here is an example of such an attack, which looks like a letter from the USPS (United States Postal Service) but has an infected Adobe .PDF file attached:

Hello!

Unfortunately we failed to deliver the postal package you have sent on the 19th of September in time because the recipient’s address is erroneous. Please print out the shipment label attached and collect the package at our office. United States Postal Service

Without the user noticing, the attached file also connects to an IP address and downloads step.exe for the FakeSysDef rogue anti-malware. Based on some research, step.exe can be expected to do much harm on the victim’s computer, such as downloading other files, updating a copy of itself or simply waiting for commands from its controller.

If you think you might have this threat, check your system with an updated anti-spyware program. In most cases, this malware will be detected as Trojan.Win32.Generic!BT. As always, we must warn you to avoid such emails, because in most cases people don’t even remember having had any dealings with such companies. In addition, you should be especially careful on Black Friday and Cyber Monday because scammers always use these days to infect those who are shopping online or doing other business.

Source: sunbeltblog.blogspot.com

 
