www.avanan.com
2606:2c40::c73c:67fe  Public Scan

Submitted URL: https://www.avanan.com/e3t/Ctc/2H%20113/ccGyW04/VWJytN141lpqW3WvZSS8h0cxZW28qdJZ50GmYTN2bpb_V5nCT_V3Zsc37CgDrDW1mCsSL53...
Effective URL: https://www.avanan.com/blog/pdf-based-attacks-on-the-rise-heres-how-deep-learning-can-prevent-them?utm_campaign=Campaig...
Submission: On July 06 via api from US — Scanned from DE

PDF-BASED ATTACKS ON THE RISE: HERE'S HOW DEEP LEARNING CAN PREVENT THEM

 * Posted by Jeremy Fuchs on June 27, 2023
   



In June, 43% of all malicious files were PDFs, indicating a significant rise in
their use for malicious purposes.



'Deep PDF', integrated into ThreatCloud AI, protects against various vectors
including email, web downloads, HTML smuggling, SMS messages, and more, keeping
Check Point Quantum and Harmony customers safe and secure against global-scale
phishing campaigns. 

The integration of 'Deep PDF' into ThreatCloud AI is a game-changer in the fight
against global phishing campaigns. It conducts a thorough examination of PDF
structures, URLs, and images to pinpoint phishing layouts.

By deciphering abstract features and differentiating between malicious and safe
files, it can detect a vast array of campaigns that may have been missed by
other vendors. 


ATTACK IN ACTION



The malicious PDF file masquerades as a legitimate 'DocuSign' document, luring
unsuspecting users to a fraudulent webpage where they are asked to enter their
login credentials, including the recipient's email address.

Within the DocuSign-themed PDF, 'Deep PDF' easily detects that the phishing URL
is readily accessible and that the URL itself has unsafe characteristics, such
as an '@' symbol:
(https://ipfs[.]io/ipfs/QmTLKnENpVmWBA579ME8hVU6KQxPShAxNtDTnsFZYRL5UW?filename=index.html#finance.division@nanaimo.ca).
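
The URL traits called out above (content served from an IPFS gateway, an HTML filename parameter, and an email address after the '#') can be checked with simple heuristics on the links inside a PDF. This is an added example, not code from the original post and not how 'Deep PDF' works; the gateway list, finding names and sample PDF bytes are constructed assumptions, and only uncompressed /URI actions are read.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Assumption: illustrative public IPFS gateway hosts, not a complete list.
IPFS_GATEWAYS = {"ipfs.io", "dweb.link"}
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
# Matches "/URI (...)" link actions, allowing backslash escapes inside the string.
URI_ACTION_RE = re.compile(rb"/URI\s*\(((?:[^()\\]|\\.)*)\)")

def extract_uris(pdf_bytes):
    """Pull /URI action targets out of uncompressed PDF objects."""
    uris = []
    for raw in URI_ACTION_RE.findall(pdf_bytes):
        uris.append(re.sub(rb"\\(.)", rb"\1", raw).decode("latin-1"))
    return uris

def url_findings(url):
    """Return sorted heuristic findings for one URL (defanged '[.]' accepted)."""
    parts = urlsplit(url.strip().replace("[.]", "."))
    host = (parts.hostname or "").lower()
    query = parse_qsl(parts.query)
    findings = set()
    if parts.username is not None:  # text before '@' in the authority hides the real host
        findings.add("userinfo-before-host")
    on_gateway = host in IPFS_GATEWAYS and parts.path.startswith(("/ipfs/", "/ipns/"))
    if on_gateway or any(host.endswith(".ipfs." + g) for g in IPFS_GATEWAYS):
        findings.add("ipfs-gateway-content")
    if EMAIL_RE.search(unquote(parts.fragment)):  # recipient address pre-filled per target
        findings.add("email-in-fragment")
    if any(EMAIL_RE.search(v) for _, v in query):
        findings.add("email-in-query")
    if any(v.lower().endswith((".html", ".htm")) for _, v in query):
        findings.add("html-filename-param")
    return sorted(findings)

def scan_pdf(pdf_bytes):
    """Map every link target found in the PDF bytes to its findings."""
    return {u: url_findings(u) for u in extract_uris(pdf_bytes)}

SAMPLE_PDF = (  # constructed sample objects, not taken from a real document
    b"4 0 obj << /Type /Annot /Subtype /Link /A << /S /URI /URI "
    b"(https://ipfs[.]io/ipfs/QmEXAMPLEplaceholderCID?filename=index.html"
    b"#user@example.org) >> >> endobj\n"
    b"5 0 obj << /Type /Annot /Subtype /Link /A << /S /URI /URI "
    b"(https://www.example.com/help) >> >> endobj\n"
)

if __name__ == "__main__":
    for url, hits in scan_pdf(SAMPLE_PDF).items():
        print(url, "->", hits or "no findings")
```

Links stored inside compressed object streams need to be decompressed by a PDF parser before a scan like this sees them.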

After the user clicks the “VIEW COMPLETED DOCUMENT” button, a web page opens
and asks them to enter their login credentials.



Thanks to 'Deep PDF', the user was protected from opening the malicious webpage
as it was blocked after scanning the PDF.

Further analysis of the webpage's source code revealed that it was created with
the help of 'glitch.com', a website that enables quick and easy creation of web
pages.



Upon conducting a more in-depth analysis of the traffic, it was discovered that
the HTML file had embedded JavaScript code, functioning as a universal template
for stealing information. The JavaScript code was particularly noteworthy, as it
contained a comment reading "//new injection//," indicating that the attacker
had altered the URL to redirect the user to their own domain.



After the user submits the password request, the credentials are sent to this
webpage: https://aurigabar[.]ch/docucas/logs.php.



 

Once the user submits their password request, they are redirected to a fake
DocuSign login page that mimics a timeout to deceive the user into believing
they need to verify their identity. 


FINAL THOUGHTS

Check Point's Harmony customers with activated Threat Emulation are safeguarded
against these types of attacks. This is just one example of how our Threat
Emulation 'Deep PDF' can detect and prevent phishing campaigns through
structural analysis, URLs, and other metadata, without relying on static
signatures or manual assistance. By integrating 'Deep PDF' into our Threat
Emulation product suite, we provide an additional layer of digital protection
against cyber threats.
