• Home
  • /
  • Security
  • /
  • SonicWall detects, reports dramatic rise in fraudulent PDF files in Q1 2019

SonicWall detects, reports dramatic rise in fraudulent PDF files in Q1 2019

Milpitas, Calif, 23 Apr 2019
Read time 2min 20sec

SonicWall Capture Labs threat researchers are reporting a substantial increase of fraudulent PDF files. This fraud campaign takes advantage of recipients' trust in PDF files as a "safe" file format that is widely used and relied on for business operations.

"Increasingly, e-mail, Office documents and now PDFs are the vehicle of choice for malware and fraud in the cyber landscape," said SonicWall President and CEO Bill Conner.

"SonicWall Capture ATP with its RTDMI technology is at the forefront of catching new cyber attacks that elude traditional security sandbox technology. For example, in all of last year, our Capture ATP sandbox discovered more than 47 000 new attack variants in PDF files. This year, we've already seen that number rise significantly, with over 73 000 PDF-based attacks discovered in March alone."

ITWeb Security Summit 2019

Now in its 14th year, ITWeb Security Summit brings together leading international and local experts, analysts and end-users to unpack the latest threats facing African CISOs, CIOs, security specialists and risk officers. Register before 8 March to take advantage of the early bird discount. To find out more, click here.

Last year, SonicWall Real-Time Deep Memory Inspection (RTDMI) identified over 74 000 never-before-seen attacks, a number that has already been surpassed in the first quarter of 2019 with more than 173 000 new variants detected. In March, the company's patent-pending RTDMI technology identified over 83 000 unique, never-before-seen malicious events, of which over 67 000 were PDFs linked to scammers and more than 5 500 were PDFs with direct links to other malware.

Targets of the phishing style PDF scam campaigns typically receive malicious documents from "businesses" luring victims with attached PDF files that look deceivingly realistic, with misleading links to fraudulent pages. The business offer within the PDF attachment is enticing to recipients, as it promises to be free and profitable with just the click of a link.

Most traditional security controls cannot identify and mitigate links to scams or malware hidden in PDF files, greatly increasing the success of the payload. This increase implies a growing, widespread and effective strategy against small- and medium-sized businesses, enterprises and government agencies.

RTDMI identifies and blocks malware that may not exhibit any detectable malicious behaviour or hides its weaponry via encryption. By forcing malware to reveal its weaponry into memory, RTDMI detects and proactively stops mass-market, zero-day threats and unknown malware, accurately utilising real-time, memory-based inspection techniques. RTDMI also analyses documents dynamically via proprietary exploit detection technology, along with static inspection, to detect many malicious document categories.

To learn more about RTDMI and securing your network, please remember to visit SonicWall at the ITWeb Security Summit, southern Africa's definitive conference and expo for information security, IT and business professionals, at the Sandton Convention Centre, Johannesburg, from 28-29 May.

Please click here to view our video.

For more information, go to


SonicWall has been fighting the cyber criminal industry for over 27 years, defending small and medium businesses, enterprises and government agencies worldwide. Backed by research from SonicWall Capture Labs, the company's award-winning, real-time breach detection and prevention solutions secure more than a million networks and their e-mails, applications and data, in over 215 countries and territories. These organisations run more effectively and fear less about security. For more information, visit or follow the company on Twitter, LinkedIn, Facebook and Instagram.

See more about SonicWall RTDMI here:

Editorial contacts
SonicWALL Kim McCarthy (+353) 87 8278524
Login with