We have been seeing an uptick in SPAM containing PDF attachments. The PDFs are composed of a full-page image that, when moused-over, points to a malicious web site. We have tried to use Transport Rules to block these based on the moused-over URL but Exchange seems unable to properly detect these embedded URLs. We are able to use Transport Rules to block PDFs with plain text so we know that the server is inspecting them properly.
Any ideas on how to battle these pesky messages? ________________________________ CONFIDENTIALITY NOTICE: This email contains information from the sender that may be CONFIDENTIAL, LEGALLY PRIVILEGED, PROPRIETARY or otherwise protected from disclosure. This email is intended for use only by the person or entity to whom it is addressed. If you are not the intended recipient, any use, disclosure, copying, distribution, printing, or any action taken in reliance on the contents of this email, is strictly prohibited. If you received this email in error, please contact the sending party by reply email, delete the email from your computer system and shred any paper copies. Note to Patients: There are a number of risks you should consider before using e-mail to communicate with us. See our Privacy & Security page on www.henryford.com for more detailed information as well as information concerning MyChart, our new patient portal. If you do not believe that our policy gives you the privacy and security protection you need, do not send e-mail or Internet communications to us.