LUCY

Phishers unleash simple but effective social engineering techniques using PDF attachments. If you are creating a PDF document, you can bind other types of files to it as an attachment. One file you can attach is an EXE application. If the PDF contains instructions for a small application, binding the EXE to the PDF can give a user both files at once.

To perform a PDF based attack, you must first select an attack template that contains a malware simulation (e.g. mixed template or file based template). In the next step you can "hide" the malware simulation within the scenario settings of the respective template in a PDF. Please go to the settings of the template in the lower area and select the PDF option in the dropdown: