April 3, 2025 By Sead Fadilpašić
At least one in every five phishing emails carries a .PDF attachment, researchers are saying, warning that the popular file format is being increasingly used in social engineering attacks.
A new report from Check Point Research claims PDF-based attacks now account for 22% of all malicious email attachments, making them particularly concerning for businesses sharing large quantities of these files every day.
In earlier years, many of the attacks relied on JavaScript or other dynamic content being embedded within the files. While this approach is still seen in the wild, it has become less common, since JavaScript-based attacks tend to be “noisy” and easier to detect by security solutions.