Do Not Open Any Of These PDFs On Your Phone
Do not take this risk.
Getty
The mobile threat landscape is getting worse, with half of all devices unprotected from new attacks and the current trickle of dangerous AI campaigns about to become a tidal wave. And while we're becoming better conditioned to avoid clicking links, opening office attachments or installing apps, one threat is still slipping the security net.
We're talking PDFs, which are seen as a safe file type to open on your phone — but they are not. They are now being crafted with embedded risks including masked links and links hidden behind QR codes, and they are easy to cloak with a mimicked brand.
The latest warning comes from Zimperium, which has seen a surge in PDF attacks. While this is true of both email and SMS attachments, the latter is far worse. SMS threats in general 'now comprise over two-thirds of observed attack attempts, signifying a critical pivot in threat actor methodology.'
Google's Update Decision—Bad News For 50% Of Android Users
And so a PDF attached to an SMS is a double whammy. In the past year, Zimperium says it has observed 'attackers increasingly leveraging PDF attachments delivered via SMS messages because these files can effectively obfuscate malicious content and evade traditional security scans. This tactic exploits the fact that users have become accustomed to and generally trust PDF documents in their daily interactions, and many defense mechanisms may not thoroughly inspect them for embedded threats.'
Mobile Threat Report 2025
Zimperium
The team has seen these attacks 'frequently leverage well-known brands… to manipulate user trust, compelling victims to click through and initiate the attack.' That means no PDF regardless of the lure and purported sender ID is guaranteed safe. This is especially true given how easy it is with short-codes to mimic a brand in a text.
PDFs win on two counts. The embedded threats bypass security scans by skipping /URL tags against links, and then the benign nature of a PDF combined with trust in the faked brand solicits clicks. 'This evolution signifies a sophisticated attempt to bypass established security measures and capitalize on user familiarity and trust.'
We have seen multiple PDF alerts over the last year. The team warns that 'because PDFs are now so ubiquitous… used extensively for contracts, reports, manuals, invoices, and other critical business communications, users have developed a natural, but dangerous, assumption that all PDF's are safe. And now, cybercriminals are actively exploiting that false confidence.'
Microsoft's AI Secretly Copies Your WhatsApp, Signal Messages
Dangerous PDFs are not new. There have been multiple warnings in recent years. But the obfuscation tactics are evolving and the rise in smishing kits and maliciously crafted domains for embedded links has reached a new level. Don't take any chances. PDFs should be seen as every bit as dangerous as links and office docs.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Forbes
an hour ago
- Forbes
Google Confirms Gmail Warning—How To Keep Your Email Account
New password attack warning confirmed You have been warned. Gmail attacks have reached a new level of threat. If you don't act to secure your account you could lose it — at least long enough for irreparable damage to be done. This is the gateway to other Google accounts and services, so do not take risks. Fortunately, Google has just confirmed its warning to help you keep your account. The latest such threat generated headlines when Instagram boss Adam Mosseri posted about 'a sophisticated phishing attack,' with a call to say his 'Google account was compromised' and 'an email to confirm my identity,' he was then 'asked to change my password using my Gmail app.' That's the tell and it should have stopped there. But understandably, Mosseri was 'impressed' by the credibility of the attack. It will come as little surprise now, but the attacker's email 'came from forms-receipts-noreply@ and linked to which of course asked me to sign in.' This is fast becoming an alarming new normal. This use of legitimate infrastructure to legitimize malicious emails, forms and websites has driven viral story after viral story in recent months. Just this week, another warning followed threat actors 'leveraging tools from trusted tech giants to exploit users.' Cofense discovered Google tech being used to phish for Microsoft credentials, with "an email masquerading as an invoice, containing a link to a webpage that uses Google Apps Script, a development platform integrated across Google's suite of products.' New Gmail password attack Google responded to Mosseri's post on Threads, confirming both the password attack and the company's critical advice to users. 'Thank you for flagging — we suspended that form and site yesterday, and we constantly roll out defenses against these types of attacks. As a reminder: Google will never call you about your account.' That's the crux. If you receive an email or a call from Google to handle an account issue or change a password or other account settings, it's a scam. It really is that simple. "Please reiterate to your readers that Google will not call you to reset your password or troubleshoot account issues,' a company spokesperson asked me. The other advice is to remove password only access to your accounts and only to use two-factor authentication that links to your physical devices. Do not use SMS or email or any other message than can be intercepted. It needs to be a passkey (ideally) or an authenticator app at a minimum. If the latter, never enter codes into any popup or website you hsve not accessed through usual channels. No links or surprise popups. As with other Google infrastructure attacks we have seen in recent months, including the infamous 'no-reply@ the newsflow following Mosseri's post (1,2) focuses on the cleverness of the attack and the difficulty in detecting it mid-flight. But just do those two things — set up passkeys and never respond to calls or emails from Google about account issues — and you will keep your account safe and secure.
Yahoo
an hour ago
- Yahoo
Prediction: This Artificial Intelligence (AI) Stock Could Be the Next Great Value Play
This value opportunity is a member of the "Magnificent Seven." Although its business model is uncertain, investors are likely underestimating the company's ability to redefine itself. 10 stocks we like better than Alphabet › As most investors know, some stocks in artificial intelligence (AI) have stood out for their outsized gains. The recent returns on stocks like Nvidia and Palantir are a testament to the transformative power of that technology. But those successes do not mean every AI stock sells at a premium. In fact, investors might be surprised to learn that many of these stocks do not command premium valuations, and that lack of buying has made the opportunity particularly compelling in one stock. Perhaps one of the more surprising AI value plays is Google parent Alphabet (NASDAQ: GOOGL) (NASDAQ: GOOG). Alphabet has applied AI in its applications since 2001, and before the rise of ChatGPT, investors typically considered Alphabet a top AI stock. Today, perceptions are much different. It now sells at a P/E ratio of about 19. That makes it the cheapest stock in the "Magnificent Seven," and many investors would now consider it a value stock. The uncertainty now surrounding Alphabet makes the low valuation understandable in some respects. OpenAI's ChatGPT seemed to take Alphabet by surprise. Although it responded by launching Google Gemini soon after, Alphabet appears to lag ChatGPT competitively. ChatGPT also presents a problem for Google Search. ChatGPT directed users to desired websites based on keywords, and Alphabet derived revenue from this process by selling advertising. Unfortunately for Alphabet, generative AI platforms like ChatGPT merely return information often compiled from multiple sites. While some users may still visit the sites from which AI platforms source material, many users never go to the sites, which reduces the ability to sell ads and presumably undermines long-established business models. Consequently, Google Search's market share is now below 90% for the first time in years, according to Oberlo. With 74% of Alphabet's revenue still coming from advertising in the first quarter of 2025, that trend could bode poorly for the company over time. Nonetheless, other attributes of the company should lead investors to question whether the company is oversold at the aforementioned 19 P/E ratio. The AI giant has worked for years to reduce its dependence on advertising. In the year-ago quarter, advertising accounted for 77% of overall revenue, and that percentage dropped over the last year even though ad revenue grew by 8% during that time. The most prominent non-advertising enterprise under its umbrella is Google Cloud, which now makes up almost 14% of the company's revenue. Moreover, Alphabet owns numerous businesses not discussed in its quarterly report, including Verily Life Sciences, Google DeepMind, and Fitbit. Still, one Alphabet-owned enterprise showing particular promise is the autonomous driving company Waymo. A recent funding round valued Waymo at $45 billion, indicating its potential to be a major revenue driver under Alphabet's umbrella. Alphabet has also invested heavily in itself. In 2025, it pledged to spend $75 billion in capital expenditures (capex). To finance that cost, it has $95 billion in liquidity. It also generated $75 billion in free cash flow over the previous 12 months, a figure that does not include capex. That ability to generate cash makes it possible to invest heavily in itself, likely improving its AI technology and making it competitive in other tech-related fields. Considering Alphabet's low P/E ratio and tremendous resources, investors should likely be adding shares at current levels. The rise of ChatGPT does put pressure on its ad business and may force Alphabet to diversify its revenue sources more quickly than it had planned. But Alphabet is investing tremendous amounts of money back into its business. That investment could improve its AI capabilities, and investors should not yet count it out in this industry. Its ability to fund itself should also make investors optimistic about Alphabet's future. If the company improves its AI and successfully develops new revenue sources like Waymo, investors may find themselves feeling glad they bought Alphabet while it was still a value stock. Before you buy stock in Alphabet, consider this: The Motley Fool Stock Advisor analyst team just identified what they believe are the for investors to buy now… and Alphabet wasn't one of them. The 10 stocks that made the cut could produce monster returns in the coming years. Consider when Netflix made this list on December 17, 2004... if you invested $1,000 at the time of our recommendation, you'd have $651,049!* Or when Nvidia made this list on April 15, 2005... if you invested $1,000 at the time of our recommendation, you'd have $828,224!* Now, it's worth noting Stock Advisor's total average return is 979% — a market-crushing outperformance compared to 171% for the S&P 500. Don't miss out on the latest top 10 list, available when you join . See the 10 stocks » *Stock Advisor returns as of May 19, 2025 Suzanne Frey, an executive at Alphabet, is a member of The Motley Fool's board of directors. Will Healy has no position in any of the stocks mentioned. The Motley Fool has positions in and recommends Alphabet, Nvidia, and Palantir Technologies. The Motley Fool has a disclosure policy. Prediction: This Artificial Intelligence (AI) Stock Could Be the Next Great Value Play was originally published by The Motley Fool 擷取數據時發生錯誤 登入存取你的投資組合 擷取數據時發生錯誤 擷取數據時發生錯誤 擷取數據時發生錯誤 擷取數據時發生錯誤
Tom's Guide
2 hours ago
- Tom's Guide
How to use Google's AI-powered NotebookLM — 5 tips to get started
Google's NotebookLM, helps you to make sense of large amounts of complex information. It's proven particularly popular among students, writers and journalists, since it allows users to add and summarize multiple sources. If you're looking to connect scattered ideas or organize reams of notes, then NotebookLM is sure to be the tool for you. After making its debut as a desktop, browser-based tool, NotebookLM has been launched as an app for Android and iOS and, while it's not as comprehensive, it comes with some key features. These include an ability to create AI-driven podcasts, ask questions and share content from third-party apps in an instant. If you're feeling overwhelmed by your research, it's well worth trying. But how can you get the most out of NotebookLM? In this guide, we take a deeper look at what you can achieve with the app. First, make sure you have the NotebookLM downloaded from the App Store or Google Play. Although you can use NotebookLM to explore any specific topic of your choosing, and this is, indeed, the app's strength — you should also create a main notebook stuffed with material that relates to your core day-by-day activities. For example, you could tap Create New to start a notebook dedicated to your home life. This could cover everything from hobbies and chores to grocery lists, ideas, plans, events, and recurring tasks. Over time, this would become a growing knowledge base you can easily refer back to. This would allow you to ask for all kinds of stuff. you could get it to generate recipes, suggest ways of saving time, create schedules, organise trips and more. In that sense, it would become an intimate, personal AI assistant. When researching a specific project, start by gathering all your sources in one place. Search the web, find relevant PDFs, watch YouTube videos, and collect any key texts related to the topic, then add them to a notebook before diving in. You can do that in the NotebookLM app – select Add a source – or via any app if you tap the share icon. In that sense, you're creating You can do this in the NotebookLM app by selecting Add a source, or from any app by tapping the share icon. You're creating your own niche, local search engine and making it as comprehensive as you can. Indeed, the more information you include in a notebook, the better it will be at spotting connections and identifying patterns to help you make sense of your resources. There's a limit of 50 sources, but that should be plenty. When you begin to ask questions, you can be confident that NotebookLM is providing the best compiled answer possible, drawing from those multiple, focused sources. When you bring so much information together, it can still be difficult to know where to start. You could get NotebookLM to summarize the data in written form,but you may find it's actually easier to get to grips with the material by asking for a podcast. All you need to do is open the notebook, tap Studio, tap Audio Overview and select Generate. It may take a few minutes to generate, but once it's ready, you can listen to a deep-dive discussion about your sources, hosted by two AI presenters. The audio can also be downloaded for offline listening. In the course of that conversation, they'll raise and talk about different aspects of the topic in a lively and interesting manner, helping you to better understand the themes. What's more, you can ask questions whenever you wish — even verbally. There's also a beta option that lets you tap Join and ask something. It's like being part of a phone-in show. Rather than have the audio overview simply discuss a broad range of topics in relation to a subject, you can steer it towards a particular angle by just asking it to do so. For example, if you were researching Android 16, you could ask it to focus on the AI features. You can also do this in the Chat section if you'd prefer a written overview but it won't be a discussion. NotebookLM is a flexible system and you can use it to present information in a whole host of ways. You could, if you wish, have NotebookLM trawl through all of your sources and pick out the most interesting themes, presenting them as a digestible FAQ. Or you could ask for a timeline if you'd like to arrange the information chronologically. NotebookLM can work as a great study guide and if you use it in this way, it will allow you to check the original source from which the information is being drawn. Although NotebookLM is a research tool, that doesn't mean it has be for dry topics. You can use it for creative projects too. Throw that book you're writing into it and it can help you track your characters and their personalities. It can also be used to brainstorm ideas, help to overcome writer's block by offering different paths and suggest ways to improve your prose. You can even get NotebookLM to rewrite text, produce lyrics, suggest names and so much more. Now you've learned the top tips to get the most out of NotebookLM on your smartphone, why not take a look at our other useful articles? Check out five uses for Google's Gemini-powered research companion and discover how you can get to grips with NotebookLM Plus, now available with the Google One AI Premium subscription plan. And if you're wanting to venture into other AI models, here's 9 prompts to get started in Gemini. Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
