Friday, July 13, 2007

PDF Viruses on Yahoo? nah-uh

During the last few weeks I have received about 3 PDF Containing Emails from people
I didn't know on my yahoo Email account. Then today while I was working at a customer's I was alerted to the fact that she had opened one of the PDF files, mistaking it for a legit attachment, so I knew I needed to find out whether it was dangerous or not.

I began searching for the answer to whether it was a virus or just spam. According to various sites and Antivirus software, this round is just a spamming ploy to make money.

I opened the PDF on my Windows XP PC and scanned it with AVG, and Norton (via yahoo's scanner.)
No virus was found, and the contents of the PDF showed:



The name of this particular file was "check_50290cba35810.pdf" but I have seen many other names.

I tried a simple Google search on SZSN, It appears that this Chinese company may be paying spammers in order to get to get the word out about there new seed and products. Header information could not verify the location of the spammer (no surprise). I can't help wondering if something was really happening with a virus this Morning and has yet to turn up.

But I can only guess the spammer is working out of China which ranks in the top 10 nations for illegal piracy and activity. The disguise of the PDF and the crooked print attempt to make it look more legitimate... to the spam blocker software.

This is something that has become more and more of a problem, spammers get paid to spam. These people have created a new profession which has a paycheck in the thousands or even millions.


Resources:
http://chris.pirillo.com/media/2007/07/02/pdf-viruses/