In recently weeks, I have noticed an increase in the use of PDF files for spam. Instead of uploading an HTML page using a compromised account, as seen shown in a previous post "Hundreds of College and Government websites still redirecting to fake stores", spammers are instead uploading PDF files. My guess for their motivation, is that PDF files are less likely to be checked for spam than plain HTML pages.

Good analysis on a new blended threat delivery vector that highlights why real-time scanning of all content is critical to protect your web clients.