PDF spam may already be burning itself out. Having reached its peak volume of nearly 30 percent of all spam messages sent on August 7, PDF spam today is hardly registering on email security vendors' spamometers.
The unwanted emails with PDF files attached - usually pushing the recipient to purchase a penny stock that the spammer then dumps once the trading price goes up - comprise less than 1 percent of spam today, according to security vendor Sophos.
PDF spam began hitting high volume levels in early summer, the highest of which occurred on August 7 when a pump-and-dump stock scam exploded across the internet, touting a company called Prime Time Group. The attached PDF looked like a financial newsletter advising the purchase of the stock. That spam blast, which some security vendors said at the time was the largest in spam history, lasted for the better part of the week.
There could be a number of reasons why PDF spam has all but disappeared, says Ron O'Brien, Sophos senior security analyst. Since the actual message is attached to, not embedded in, the email, recipients may find it too time consuming or cumbersome to open, he says.
"A malicious embedded link, on the other hand, is quick and easy to access and would probably have a higher likelihood of luring people to open" it, he says.
The idea that PDF spam is too complex would explain why a few good old-fashioned spam messages are now appearing in inboxes, simply stating the recipient should purchase a cheap stock before it gets snapped up. No attachments, not even a link to a website, just some persuasive text.
While spammers may be looking for new ways to get their message across, Sophos' O'Brien warns that email users should beware of a false sense of security.
"Although PDF spam is showing a decrease currently, there's no reason to believe that it will not strike again," he says