through PDF attachments are geared towards pushingAttack.Phishingusers to enter their email account credentials into well-crafted phishing pages . Microsoft security experts saw a lot of variants of the same attackAttack.Phishing, and they all startAttack.Phishingwith spoofed emails supposedly delivering asked-for documents . In one variation , the PDF makes it look like there has been an error , and the document can only be displayed with Microsoft Excel . But instead of actually opening it with their own software , potential victims are urged to open it by following the link offered in the PDF : If they do that , they will be redirected to a web page that makes it seem like the document can only be opened if the user signs in with their email credentials . In another variant , the PDF urges users to click on a link that will supposedly allow them to view a Dropbox-hosted document online . “ Social engineering attacks are designed to take advantage of possible lapses in decision-making . Awareness is key ; that is why we ’ re making these cybercriminal tactics known , ” Microsoft ’ s Alden Pornasdoro explained . “ In these times , when we ’ re seeing heightened phishing attacksAttack.Phishingwith improved social engineering techniques , a little bit of paranoia doesn ’ t hurt . For instance , question why Adobe Reader is trying to open an Excel file .