A worrying new email trend is emerging, and it’s not something anyone should ignore. It appears Windows PCs are being targeted by a new threat and getting caught out could hand over full control to cybercriminals. The new attack starts via messages that land in Gmail, Yahoo, Outlook and other email inboxes. They look pretty innocent, but they hide a dangerous threat, called DEADVAX, that can end up in passwords, banking details and personal documents being stolen.

So what do PC users need to watch out for to stay safe?

This latest attack uses fake PDF files to remotely install malware on devices. Emails land in inboxes that appear to be from a business or service provider, with the attachment resembling a standard invoice.

Where things get clever is that the PDF isn’t really attached to the message, with crooks using a crafty trick which pushes victims to a malicious file hosted on what’s known as an IPFS (InterPlanetary File System).

This is a decentralised storage network increasingly abused in phishing campaigns because content is harder to take down and can be accessed through normal web gateways.

Once the file has been clicked, it starts installing the malware without the PC owner knowing anything is wrong.

The security team at Malwarebytes is warning that those infected are then at serious risk of Theft of saved and typed passwords, including for email, banking, and social media.

Crooks can also monitor activity and look at documents, photos, or other sensitive files.

“Cybercriminals behind a campaign dubbed DEADVAX are taking phishing one step further by delivering malware inside virtual hard disks that pretend to be ordinary PDF documents,” Malwarebytes explained.

“Open the wrong “invoice” or “purchase order” and you won’t see a document at all. Instead, Windows mounts a virtual drive that quietly installs AsyncRAT, a backdoor Trojan that allows attackers to remotely monitor and control your computer.”

There are so simple ways to stay safe with Malwarebytes telling users to make ‘crucial’ checks when sorting inboxes.

Firstly, don’t open email attachments until after verifying, with a trusted source, that they are legitimate.

It’s also a good idea to make sure you can see the actual file extensions. Unfortunately, Windows allows users to hide them. So, when in reality the file would be called invoice.pdf.vhd the user would only see invoice.pdf.

Finally, use an up-to-date, real-time anti-malware solution that can detect malware hiding in memory.