How To Safely Open Suspicious PDFs

/in



monticello/Shutterstock (Licensed)

Y0ur P@ssw0rd S*cks is a bi-weekly column that answers the most pressing internet security questions web_crawlr readers have to make sure they can navigate the ‘net safely. If you want to get this column a day before we publish it, subscribe to web_crawlr, where you’ll get the daily scoop of internet culture delivered straight to your inbox.

In today’s “Your Password Sucks” column for web_crawlr, Mikael answers a question you’ve likely had: What do I do with a suspicious PDF?

You’ve undoubtedly opened a PDF file before.

Given its status as the world’s most popular business document format, you’ve almost certainly dealt with PDF files at work if not at home.

But as you may be aware, PDF files can at times pose a risk. Specifically, PDFs can be used to infect your computer with malware.

If you’ve ever gotten a mysterious email before from an unknown sender that asks you to download and open a PDF, it’s entirely possible that you’ve been targeted, perhaps randomly, by such an attack.

While most internet users are familiar with antivirus software and other common tools, not as many are familiar with the potential dangers posed by PDFs.

So what do you do if you receive a suspicious PDF? Just open it? Ignore it?

If you receive a suspicious file at work, it’s probably best to alert a superior to confirm the item’s legitimacy before opening it. But the whole point of a malicious PDF, whether sent to your email at work or your personal email at home, is to trick you into opening it.

How do I safely open a suspicious PDF?

One of the simplest ways to safely open a PDF, in my humble opinion, is through the use of a tool known as Dangerzone.

Available for Windows, Mac, and Linux, Dangerzone is a completely free program that will sanitize a wide array of files including PDFs, Microsoft Office documents, and images.

Simply open Dangerzone and select your file and the program will open it in a secure container, usually through the use of a third-party program like Docker. Then, Dangerzone will make you a new copy of the file that strips away any embedded items and data.

As noted on Dangerzone’s…

Source…