PDF Phishing: Beyond the Bait

McAfee observed a rising four‑month trend of PDF-based phishing campaigns delivered as email attachments that impersonate trusted brands (Amazon, Apple, Netflix, PayPal, IRS, Adobe) to trick users into clicking embedded links and surrendering sensitive data; attackers additionally abuse LinkedIn smart links and Google Apps Script redirects to evade detection and lend legitimacy to phishing pages, resulting in global distribution and numerous customer hits. The report includes examples, themed campaign statistics, a geo heatmap of targeted customers, and recommended user and product-level mitigations such as skepticism of unsolicited messages, link verification, and enabling two‑factor authentication.