Who would have thought that even PDFs can be injected with malicious codes!
Well, hackers stop at nothing and use every possible source there is. Most of us are completely unaware of a PDF file attachment being corrupted with malware and open these attachments without giving them a second thought. Anti-malware tools that scan emails are simply not enough. Signature-based malware detection is cumbersome because by the time the research is done and a signature gets attached so that antimalware can block them, the malware has already done the damage.
Experts on this topic seem to think that a combination of security awareness and technical controls might help, and recommend a new method called sandboxing. This method diverts traffic to a virtual environment where the emails and other files are examined and then diverted back to the finish point.
While other recommendations do exist and are in their early stages, incorporating sandboxing into their security scope is an option for companies to think about in the future.
