===== Background Info =====

Phishers unleash simple but effective social engineering techniques using PDF attachments. If you are creating a PDF document, you can bind other types of files to it as an attachment. One file you can attach is an EXE application. If the PDF contains instructions for a small application, binding the EXE to the PDF can give a user both files at once.

===== Configuration =====

To perform a PDF based attack, you must first select an attack template that contains a malware simulation (e.g. mixed template or file based template). In the next step you can "hide" the malware simulation within the scenario settings of the respective template in a PDF. Please go to the settings of the template in the lower area and select the PDF option in the dropdown:

{{ screen.png?600 }}

===== Security Update =====

A major security update has been released in the new versions of Adobe Acrobat Reader.
Since Aug 2020 builds it is not possible to open the attached "-.exe" files.
More info here:
https://helpx.adobe.com/acrobat/using/attachments-security-risks-reader-acrobat.html