PDF Viewer Spoof

A recent Australian Tax Office phish is using an interesting technique to try to appear legitimate: it spoofs the controls for the Adobe Acrobat in-browser PDF viewer.

ato-pdf-viewer

 

Would-be victims are seeing a web page form in the browser, but it almost looks like they’re viewing a PDF document that’s making use of javascript forms. Like most tax related phish it promises them a refund if they’ll only provide their bank card details.