Are PDF files safe for me to open?

270    Asked by AndreaBailey in Cyber Security , Asked on Jan 25, 2022

 I have received an email with a pdf file whose content I want, but I'm not exactly sure what the source of it is. In gmail, I have two options: "Download" and "Save to Drive". I'm assuming it means Google Drive. Is it safe to save the pdf file to drive and then look at it that way? If so, once it's in drive, is it possible to somehow scan it for malware and then safely download it onto my computer?

Answered by Andrea Bailey

The answer to your question - Are PDF files safe is that antivirus nowadays gives the option to autoscan possible infected attachments in emails however I have never used one and not sure if the web interface works with such kind of scanning. Using thunderbird for example or analog desktop app for windows would allow you to have the antivirus to scan it.


I would personally not do this however... Instead, download the pdf manually, abstain yourself from opening it, upload it to virustotal.com , wait for the report to show up (a minute max), afterwards upload the pdf to one of the many online providers which allow you to read pdf files online. This way, you will be more secure than using the pdf into your adobe acrobat reader or similar app.

For more security use sandboxing when opening the pdf (for example Comodo Antivirus offers free sandboxing with their firewall), this way any attempt at infecting your machine will be thwarted (and you can use this sandboxing in your browser so the real browser will mostly be left intact even when entering into websites embedded with malware)

Edited: And finally the last and better solution to this common problem! Download oracle box, download a linux image of debian, ubuntu or any other easy to use linux distribution, open the iso into oracle box and read the pdf through it. This way your real machine will never ever get infected (I recommend the usage of virtual machines as a daily way to browse the internet but that is me personally).

Having said so, gmail itself does have security and normally infected attachments would be picked by gmail itself unless they are access zero, encrypted well by malware creator etc. However, pdfs are one of the most used ways to infect machines. Unless you know the sender of the pdf it would be safer to maintain a septic attitude and use precautions when watching it.



Your Answer

Interviews

Parent Categories