There is a ransomware virus using PDF files. Be VERY careful not to click on this. it is disguised as a phishing scheme and when you open the pdf (which most people think is safe) it has another link in it for you to click on and that’s where the trouble starts.

For years, IT managers have heavily stressed to users not to open any attachments from people you don’t know. The hackers keep finding better, more efficient ways to trick you. Everyone knows a pdf file is a somewhat safe file, as it does not execute anything. What we forget is what is inside the file that can hurt us.

It was reported that year, that businesses spent over 1 Billion dollars paying ransomware. With that type of success, I really don’t see it stopping any time soon. Below is an example of an email you may receive from a ransomware virus using PDF files.

From: City Council <>
Date: April 28, 2017 at 10:27:42 AM EDT
To: <>

You have been detected with a speed infringement:

Type: negligent driving

Violation No: 5411111478 9882983800

Date of infringement: 12/4/2017

Amount due: 126.00 GBP

What to look for

If you ever receive anything suspicious, never open it. It almost always has to do with some sort of payment, order you placed, or urgent information. If you look at the email closely, always look at the return address on the email. It will not make any sense. It will most likely not be a .net or .com. Also, it could just be something added to a legitimate email. For example, I have received phishing scams from Well Fargo. The return address looked like this: My guess is that Wells Fargo does not have that type of email address.


If you are ever in doubt, contact Tier3MD for information.