A New Twist on an Old Trick: Phishing Scams Are Now Hiding in PDF Attachments

If you’ve received an email lately with a PDF attachment and a phone number telling you to call “tech support,” you may have come across one of the latest phishing scams making the rounds. This new wave is more subtle than what we’ve seen before, and it’s catching people off guard.

Security experts at Cisco Talos recently spotted a surge in these types of scams between early May and early June 2025. The email messages appear to come from companies people trust, such as Microsoft, Adobe, or DocuSign. But instead of sending users to fake login pages, scammers are now using what’s known as callback phishing.

What Is Callback Phishing and Why Should You Care?

Most phishing advice tells you not to click on suspicious links and, if in doubt, to contact the company directly. This new method flips that advice on its head by offering a phone number upfront, which makes the message look helpful and urgent.

The message often claims there’s something wrong with your subscription or that a charge is pending. The attached PDF includes a phone number and instructions to call for help. It seems harmless at first glance. You’re not clicking anything, just calling a support number.

But once you’re on the phone, you’re speaking with someone pretending to be a customer service representative. They sound polite and capable, which makes it easy to trust them. This is where the scam really begins. That fake “agent” may ask for private information or convince you to install something on your computer, supposedly to fix a problem. In reality, that software could give the attacker access to your system or sensitive company data.

Why These Scams Are More Effective Than You Think

The clever part about these scams is that they don’t rely on malicious links or malware-packed attachments. The PDF itself might be clean. The real threat comes from the phone call. This type of attack is rooted in social engineering, which means the scammers rely on manipulation and trust rather than technology alone.

By pretending to be helpful support staff from well-known companies, these criminals can quickly gain your confidence. Since most of us are used to resolving account issues over the phone, their approach doesn’t feel unusual. That sense of familiarity is exactly what they count on to pull off their scheme.

Steps to Keep Your Business Safe

Awareness is your first defense. These scams are becoming more polished and common. Spotting the red flags before you engage can save you and your business from serious trouble.

Be cautious when opening PDF attachments from unknown or unexpected sources, especially if the document includes a support number. Instead of calling the number provided in the document or email, take a moment to visit the company’s official website and verify their contact details.

Education plays a big role here, too. Make sure your staff knows what these scams look like and what to do if they come across one. Using reputable security tools that scan email attachments is another important layer of protection, but it won’t help if someone ends up calling a fake support line.
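A mail filter can apply the same red flags to text that has already been extracted from a PDF attachment. The sketch below is an added example, not code from Cisco Talos or any security product; the lure keywords, phone pattern, and allowlist of verified support numbers are assumptions, and the sample texts are constructed.

```python
import re

# Brand names come from the article; lure words, call cues and the
# allowlist of verified numbers are illustrative assumptions.
BRANDS = ("microsoft", "adobe", "docusign")
LURES = ("subscription", "charge", "invoice", "renewal", "refund")
CALL_CUES = ("call", "contact support", "tech support", "helpline")
VERIFIED_NUMBERS = {"18005550100"}  # constructed; fill from official websites

# North American style numbers, optional country code and separators.
PHONE_RE = re.compile(
    r"(?<!\d)(?:\+?1[\s.\-]?)?\(?\d{3}\)?[\s.\-]?\d{3}[\s.\-]?\d{4}(?!\d)")

def normalize(number: str) -> str:
    """Reduce a matched number to 11 digits with a leading country code."""
    digits = re.sub(r"\D", "", number)
    return digits if len(digits) == 11 else "1" + digits

def triage(pdf_text: str) -> dict:
    """Flag callback-phishing traits in text extracted from a PDF."""
    # Collapse whitespace so a number split across lines still matches.
    text = re.sub(r"\s+", " ", pdf_text).lower()
    phones = {normalize(m.group()) for m in PHONE_RE.finditer(text)}
    unverified = sorted(phones - VERIFIED_NUMBERS)
    reasons = []
    if any(b in text for b in BRANDS):
        reasons.append("brand")
    if any(word in text for word in LURES):
        reasons.append("billing-lure")
    if any(cue in text for cue in CALL_CUES):
        reasons.append("call-to-action")
    if unverified:
        reasons.append("unverified-number")
    # Hold the message only when a brand, a prompt to phone in, and a
    # number missing from the verified list all appear together.
    needed = {"brand", "call-to-action", "unverified-number"}
    return {"suspicious": needed <= set(reasons),
            "reasons": reasons, "unverified": unverified}

# Constructed sample texts (555-01xx numbers are fictional).
SAMPLE_LURE = ("Microsoft 365: your subscription renewal charge of $349.99 "
               "is pending. To cancel, call tech support at +1 (888) 555-0142.")
SAMPLE_LEGIT = "Adobe receipt. Questions about this invoice? Call 1-800-555-0100."
SAMPLE_PLAIN = "Quarterly report attached. Call me on 415-555-0199 if needed."

if __name__ == "__main__":
    for sample in (SAMPLE_LURE, SAMPLE_LEGIT, SAMPLE_PLAIN):
        print(triage(sample))
```

Extracting the text from the PDF is left out here, and a phone number rendered as an image would need OCR before this check could see it.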

When In Doubt, Don’t Click and Don’t Call

This new type of scam is a reminder that phishing doesn’t always involve suspicious links or error-filled emails. Sometimes, the trap comes through a clean-looking PDF and an innocent-looking phone number.

If something feels off or unexpected, take a step back. Double-check through trusted sources, and when you’re unsure, it’s safer to delete than to engage. Staying alert can go a long way in helping you and your team steer clear of these evolving threats.