Friday, August 10, 2007

What the PDF is that?

Q: I’ve been getting a lot of mail with PDF attachments. What are these things and how do I stop them?

A: A few months ago, I wrote an article concerning the latest bane of our email Inboxes called “image spam.” Image spam was introduced about two years ago and rapidly became the scourge of inboxes everywhere. Image spam is email that contains an image of text rather than actual text. Email filters were having a difficult time with this type of spam because the text could not be analyzed for spamminess as easily as standard text email.

Anti-spam companies finally figured out ways to filter image spam so it has fallen out of fashion and is beginning to be replaced with a new sort of spam involving PDF file attachments. Most of these attachments are generated by “zombie” computers infected with a virus called the Storm worm. It is estimated that this virus is currently responsible for nearly 30% of all spam.

The Storm worm is spread by misrepresenting itself as a greeting card from a “family member.” If you click on the link contained in one of these messages, the Storm worm will try to infect your computer. Once infected, the worm will send PDF spam to everyone in your Contacts folder. This worm is easily thwarted by computers running updated antivirus spyware.

Let me remind you that you should never open an attachment or click a link in a suspicious email from someone you don’t know. But if you were silly enough to open one of these PDF attachments you would likely see a pump-and-dump message about a particular stock or perhaps a message touting a magic pill that will enhance various body parts.

Opening the PDF files themselves is probably not a serious risk to your computer but keep in mind that email attachments, in general, are one of the primary means of infecting your computer with a virus. It’s a good habit to never open an attachment unless you know the attachment is safe to open.

There are a couple of things you can do to minimize the annoyance caused by PDF spam. The first option is to create a filter within your mail reader that will immediately delete any mail that has a PDF attachment. Take a look at your mail reader’s help file for instructions on how to create a rule that will delete all mail with a PDF attachment.

Those of you who must be able to receive PDF attachments may wish to consider commercial anti-spam products from companies such as Symantec and McAfee. These filters can reduce PDF spam while allowing legitimate PDF attachments but, at the moment, anti-spam companies are struggling with ways of dealing with PDF spam. For now, perhaps the best bet is to simply ignore them or hit the “delete” key.

Jim Fisher owns Excel Computer Services in Florence. His column runs every other Monday. Ask questions by visiting

No comments: