This Scam Uses PDFs to Steal Your Passwords

These SEO keyword-filled PDFs appear high in web searches, which make them particularly dangerous for everyday users.
Conor Cawley

The lengths by which cyber criminals will go to steal your personal information are endless, as a new scam has arisen that uses PDFs filled with SEO keywords to download malware on your device and steal your passwords.

Scams have become a regular part of online life in recent years, which means that finding ways to protect yourself is key to your continued enjoyment of the world wide web. Between ransomware attacks holding your data hostage to phishing emails tricking you into giving it up yourself, knowing what kind of scams are out there is the first step in protecting yourself.

That's why we're getting the word out that a new scam is using keyword-laden PDFs to get your personal information with you even realizing it.

The New Scam Using PDFs to Steal Information

According to Microsoft, who tweeted about the new potential threat, the cyber criminals behind the SolarMaker malware attack have been utilizing PDFs filled with SEO keywords to steal personal data and passwords. Because the files are so heavily stacked with these SEO keywords, they place unusually high on search results, leading to a surprisingly high success rate, which is a problem.

This method, dubbed SEO poisoning, is surprisingly effective, yet not nearly as new as it may sound. Hackers have been using it for a while to spread malware, although Microsoft notes this is a particularly thorough one that put you through quite the ringer before eventually getting you to download a malicious file.

How Does This New Scam Work?

In earnest, this scam should be pretty easy to spot, but we're going to walk you through it just so you don't fall victim to it on accident.

It starts with a web search. Because the PDFs are chock full of SEO keywords, these malicious links could be within the first page of Google of virtually any topic — from “insurance forms” to “math answers” — giving the appearance of a reputable resource.

Once you've clicked that link, the madness begins. You'll be redirected to between five and seven different Google Sites until you eventually land on “an attacker-controlled site, which imitates Google Drive.” At that point, you'll be asked to download a file, which will have the malware on it.

Once you've done that, you're in trouble. The malware will scrub your device for personal information, passwords, credit card numbers, and anything else that might be valuable to a hacker.

How to Protect Yourself Online

The best way to protect yourself from this scam is to never download anything from a simple web search. If you can't find “math answers” or “insurance forms” in a single click, there's no reason to move forward. Especially considering this scam requires you to click through multiple sites just to get an answer, your spidey senses should be tingling before you get anywhere near a malicious link.

Still, if you want to make sure you don't fall victim to this or any other malware attack, your best bet is going to be antivirus software. These platforms are designed to not only warn you about malicious links, but also steer you clear of these kinds of phishing websites.

If you want to take it a step further, password managers and VPNs are the best way to keep yourself safe online. Given that passwords are the first and sometimes only obstacle to hackers and that unsecured networks run rampant throughout the US, both tools can do a lot to keep you safe when it comes to your online presence.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Conor is the Senior Writer for Tech.co. For the last five years, he’s written about everything from Kickstarter campaigns and budding startups to tech titans and innovative technologies. His extensive background in stand-up comedy made him the perfect person to host tech-centric events like Startup Night at SXSW and the Timmy Awards for Tech in Motion. You can email Conor at conor@tech.co.

Explore More See all news
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals