{"id":74015,"date":"2023-06-23T17:04:42","date_gmt":"2023-06-23T15:04:42","guid":{"rendered":"https:\/\/krm.swiss\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/"},"modified":"2023-06-23T17:04:42","modified_gmt":"2023-06-23T15:04:42","slug":"why-unsigned-pdf-invoices-should-be-treated-as-spam","status":"publish","type":"post","link":"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/","title":{"rendered":"Why unsigned PDF invoices should be treated as SPAM."},"content":{"rendered":"

Data that gives the appearance of a “legitimate” document is particularly suitable for distributing a Trojan and creating a base for a successful ransomware attack. While traditionally it was mainly application data that was sent, the fraud mafia is increasingly shifting to other, easier targets. PDF invoices are best suited for this purpose, as they are perfect carriers of a Trojan or other malware.<\/p>\n

Until a few years ago, precisely until 31.12.2016, the electronic signature was mandatory in Switzerland. Against better knowledge and “to simplify administrative hurdles,” the relevant law was then abolished. What would come next was clear. Currently, invoices are sent without any protection and security features. A land of milk and honey for hackers! Apart from the fact that this also makes fraud attempts around redirected payment very easy, PDFs containing malware are becoming more and more common.<\/p>\n

What can be done about it? To secure e-invoices, a multi-level security system is needed, both on the sender and receiver side. This includes technical security measures such as trusted authentication but also the establishment of a control system to verify the content of the demand made:<\/p>\n

\"\"<\/a>

Fig_60_01b_DEFENCE_Safety_dispositive_E-Invoice<\/p><\/div>\n

Everything else and details on safeguarding can be found in the Practical Guide to Information Governance<\/a>, p. 307ff.<\/p>\n

By the way: A PDF that looks like an invoice only becomes a receipt when its content (the receivable) has been verified by the invoice recipient.<\/p>\n","protected":false},"excerpt":{"rendered":"

Data that gives the appearance of a “legitimate” document is particularly suitable for distributing a Trojan and creating a base for a successful ransomware attack. While traditionally it was mainly application data that was sent, the fraud mafia is increasingly shifting to other, easier targets. PDF invoices are best suited for this purpose, as they […]<\/p>\n","protected":false},"author":2,"featured_media":6765,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[53,360,350],"tags":[358,359,361],"dipi_cpt_category":[],"class_list":["post-74015","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-grundlagen-en","category-ecm-dms-and-content-services","category-records-management-archiving","tag-integrity-protection","tag-regulatory","tag-signature"],"yoast_head":"\nWhy unsigned PDF invoices should be treated as SPAM. - krm Information Governance<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Why unsigned PDF invoices should be treated as SPAM. - krm Information Governance\" \/>\n<meta property=\"og:description\" content=\"Data that gives the appearance of a “legitimate” document is particularly suitable for distributing a Trojan and creating a base for a successful ransomware attack. While traditionally it was mainly application data that was sent, the fraud mafia is increasingly shifting to other, easier targets. PDF invoices are best suited for this purpose, as they […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/\" \/>\n<meta property=\"og:site_name\" content=\"krm Information Governance\" \/>\n<meta property=\"article:published_time\" content=\"2023-06-23T15:04:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2021\/08\/KartonschachteliStock_000002830183Medium.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1507\" \/>\n\t<meta property=\"og:image:height\" content=\"1274\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Bruno Wildhaber\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Bruno Wildhaber\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/why-unsigned-pdf-invoices-should-be-treated-as-spam\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/why-unsigned-pdf-invoices-should-be-treated-as-spam\\\/\"},\"author\":{\"name\":\"Bruno Wildhaber\",\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/#\\\/schema\\\/person\\\/6af1b03b3936809e3ff9bd196f609cce\"},\"headline\":\"Why unsigned PDF invoices should be treated as SPAM.\",\"datePublished\":\"2023-06-23T15:04:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/why-unsigned-pdf-invoices-should-be-treated-as-spam\\\/\"},\"wordCount\":253,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/why-unsigned-pdf-invoices-should-be-treated-as-spam\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/krm.swiss\\\/wp\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/KartonschachteliStock_000002830183Medium.jpg\",\"keywords\":[\"Integrity protection\",\"Regulatory\",\"Signature\"],\"articleSection\":[\"Basics\\\/Foundations\",\"ECM, DMS and Content Services\",\"Records Management & Archiving\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/krm.swiss\\\/en\\\/why-unsigned-pdf-invoices-should-be-treated-as-spam\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/why-unsigned-pdf-invoices-should-be-treated-as-spam\\\/\",\"url\":\"https:\\\/\\\/krm.swiss\\\/en\\\/why-unsigned-pdf-invoices-should-be-treated-as-spam\\\/\",\"name\":\"Why unsigned PDF invoices should be treated as SPAM. - krm Information Governance\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/why-unsigned-pdf-invoices-should-be-treated-as-spam\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/why-unsigned-pdf-invoices-should-be-treated-as-spam\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/krm.swiss\\\/wp\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/KartonschachteliStock_000002830183Medium.jpg\",\"datePublished\":\"2023-06-23T15:04:42+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/#\\\/schema\\\/person\\\/6af1b03b3936809e3ff9bd196f609cce\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/why-unsigned-pdf-invoices-should-be-treated-as-spam\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/krm.swiss\\\/en\\\/why-unsigned-pdf-invoices-should-be-treated-as-spam\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/why-unsigned-pdf-invoices-should-be-treated-as-spam\\\/#primaryimage\",\"url\":\"https:\\\/\\\/krm.swiss\\\/wp\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/KartonschachteliStock_000002830183Medium.jpg\",\"contentUrl\":\"https:\\\/\\\/krm.swiss\\\/wp\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/KartonschachteliStock_000002830183Medium.jpg\",\"width\":1507,\"height\":1274,\"caption\":\"cardboard box with Biohazard Symbol #2\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/why-unsigned-pdf-invoices-should-be-treated-as-spam\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/krm.swiss\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Why unsigned PDF invoices should be treated as SPAM.\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/krm.swiss\\\/en\\\/\",\"name\":\"krm Information Governance\",\"description\":\"Wir verbessern Ihre Kompetenz im Datenmanagement\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/krm.swiss\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/#\\\/schema\\\/person\\\/6af1b03b3936809e3ff9bd196f609cce\",\"name\":\"Bruno Wildhaber\",\"url\":\"https:\\\/\\\/krm.swiss\\\/en\\\/author\\\/brwildhaber\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Why unsigned PDF invoices should be treated as SPAM. - krm Information Governance","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/","og_locale":"en_US","og_type":"article","og_title":"Why unsigned PDF invoices should be treated as SPAM. - krm Information Governance","og_description":"Data that gives the appearance of a “legitimate” document is particularly suitable for distributing a Trojan and creating a base for a successful ransomware attack. While traditionally it was mainly application data that was sent, the fraud mafia is increasingly shifting to other, easier targets. PDF invoices are best suited for this purpose, as they […]","og_url":"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/","og_site_name":"krm Information Governance","article_published_time":"2023-06-23T15:04:42+00:00","og_image":[{"width":1507,"height":1274,"url":"https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2021\/08\/KartonschachteliStock_000002830183Medium.jpg","type":"image\/jpeg"}],"author":"Bruno Wildhaber","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Bruno Wildhaber","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/#article","isPartOf":{"@id":"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/"},"author":{"name":"Bruno Wildhaber","@id":"https:\/\/krm.swiss\/en\/#\/schema\/person\/6af1b03b3936809e3ff9bd196f609cce"},"headline":"Why unsigned PDF invoices should be treated as SPAM.","datePublished":"2023-06-23T15:04:42+00:00","mainEntityOfPage":{"@id":"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/"},"wordCount":253,"commentCount":0,"image":{"@id":"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/#primaryimage"},"thumbnailUrl":"https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2021\/08\/KartonschachteliStock_000002830183Medium.jpg","keywords":["Integrity protection","Regulatory","Signature"],"articleSection":["Basics\/Foundations","ECM, DMS and Content Services","Records Management & Archiving"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/","url":"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/","name":"Why unsigned PDF invoices should be treated as SPAM. - krm Information Governance","isPartOf":{"@id":"https:\/\/krm.swiss\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/#primaryimage"},"image":{"@id":"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/#primaryimage"},"thumbnailUrl":"https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2021\/08\/KartonschachteliStock_000002830183Medium.jpg","datePublished":"2023-06-23T15:04:42+00:00","author":{"@id":"https:\/\/krm.swiss\/en\/#\/schema\/person\/6af1b03b3936809e3ff9bd196f609cce"},"breadcrumb":{"@id":"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/#primaryimage","url":"https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2021\/08\/KartonschachteliStock_000002830183Medium.jpg","contentUrl":"https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2021\/08\/KartonschachteliStock_000002830183Medium.jpg","width":1507,"height":1274,"caption":"cardboard box with Biohazard Symbol #2"},{"@type":"BreadcrumbList","@id":"https:\/\/krm.swiss\/en\/why-unsigned-pdf-invoices-should-be-treated-as-spam\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/krm.swiss\/en\/"},{"@type":"ListItem","position":2,"name":"Why unsigned PDF invoices should be treated as SPAM."}]},{"@type":"WebSite","@id":"https:\/\/krm.swiss\/en\/#website","url":"https:\/\/krm.swiss\/en\/","name":"krm Information Governance","description":"Wir verbessern Ihre Kompetenz im Datenmanagement","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/krm.swiss\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/krm.swiss\/en\/#\/schema\/person\/6af1b03b3936809e3ff9bd196f609cce","name":"Bruno Wildhaber","url":"https:\/\/krm.swiss\/en\/author\/brwildhaber\/"}]}},"_links":{"self":[{"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/posts\/74015","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/comments?post=74015"}],"version-history":[{"count":0,"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/posts\/74015\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/media\/6765"}],"wp:attachment":[{"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/media?parent=74015"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/categories?post=74015"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/tags?post=74015"},{"taxonomy":"dipi_cpt_category","embeddable":true,"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/dipi_cpt_category?post=74015"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}