Anyone using the internet these days is bound to stumble across at least one PDF file, but how many people actually know what this technology is and how it can affect their computer security?
The Portable Document Format (PDF) is a distribution format developed to make sharing information across a wide range of devices, browsers and operating platforms easy and convenient. This means that a PDF file will work and look the same no matter whether you open it in your browser or on your computer with a PDF reader. Factor in that it allows you to include text, images, hyperlinks and multimedia in your document and you have the answer to the question ‘Why have PDF files become so widely-used?’
However, like all popular things, PDF technology has also attracted the attention of cyber-crooks and malware writers hoping to make a living out of cheating unsuspecting internet users, especially those that keep their computers unprotected by antivirus software. The features that have made it “a universal language” for document exchange, namely its flexibility and functionality, also allow an extremely large attack surface to be used for malicious purposes such as fraud and identity theft.
So what exactly are the risks of this format?
There are many places where you can hide arbitrary data and code in a PDF file and that includes all kinds of malware, ranging from keyloggers that steal your personal data to rootkits that hide deep inside your system where they hide from antivirus programs.
PDF is actually a “container format” that can hold a variety of things, including Flash files, audio and video files, all of which offer many points of attack.
Despite Adobe’s best efforts, attackers continue to find new vulnerabilities in PDF files and PDF-rendering software they can exploit, as well as new ways to hide their malicious activity from traditional antivirus software.
What can you do to minimize the dangers of PDF?
PDF files have become one of the most prevalent document types in the business and consumer marketplaces, with many organizations using them as a favourite means of information transfer. So there’s no way to avoid them altogether and the good news is that you don’t really need to. All you need is to follow a few basic guidelines to keep you safe:
Always make sure your PDF-rendering program is updated with the latest security patches. It is recommended that you enable the auto-update setting, so you don’t have to rely on your memory for these crucial updates.
Pay attention to where you get your PDF files from. Unless you download the files and scan them with your antivirus program, there is no way to know for sure if they’re clean or not. So it’s better to stay clear of suspicious websites that offer you free PDF documents, especially if you come across them through links in e-mails and internet ads.
Get a state-of-the-art antivirus program for your computer. Whether you use it to scan downloaded PDF files or as an all-round defence against malware, a modern antivirus tool should have what it takes to deal with emerging internet threats.
BullGuard Antivirus 12 could be the perfect choice for you, as it comes with a double layer of protection: if malware gets past the Signature-based Detection technology due to its previously unknown signature, it will get picked up by the Behavioural Detection feature. This cutting-edge technology keeps an eye on everything that goes on in your system, spotting newly-released malware by how it “acts” and leaving virtually no chances for cyber-criminals to compromise your internet security.