Actually, not to me. But Kevin Liston at the SANS ISC seems to be surprised by it. Frankly, it only surprises me that it didn’t start sooner. Maybe the spammers have just been waiting for the right moment to pull the trick out. But it didn’t surprise me in the least when I heard people were opening them. Heck, it’s a PDF. People have been somewhat conditioned on not opening Word docs and Excel spreadsheets (that one came up in the post as well, and that did surprise and bother me a bit), but PDFs are the preferred business delivery system and are seen as trustworthy.
A part of the reason that they are seen as trustworthy is that people use them as a method of ensuring their documents can not or have not been altered. Unfortunately, this is a huge myth because anyone with access to Google can learn how to crack PDF’s. This may be getting better (I haven’t kept up with it lately), but it has been atrocious in the past.
Vet
