3

I accidentally opened a PDF email attachment on an Android phone as I was trying to figure out if the email was fraud or a scam. It was an email claiming I booked a flight and the pdf had my e-tickets.

I wanted to download the attachment to have it analyzed on a website but I'm nervous about doing that. Plus I'm not sure if I would be able to tell if the potential malware is executable on Android.

I opened the attachment, without downloading it, with Hotmail.

Are there any sites that could examine a forwarded email with the attachment so I don't have to download it to my computer to upload to a site?

Four different virus scanners couldn't find anything on my device and it's not acting any different but I'm still worried about what could be buried.

schroeder
  • 123,438
  • 55
  • 284
  • 319
Jayson
  • 41
  • 1
  • 1
  • 3

3 Answers3

5

Many email services include a basic virus scanner. I know Gmail does, but that is not an endorsement. One thing you could try is to forward the email to another email service that uses attachment scanning.

If something is found, then you know. But if nothing found, then you cannot be certain.

Another option is to use a webclient for your email (like Gmail) and save the attachment directly to an online file store (like Google Drive). Then you can use VirusTotal's URL scanner to access the file (after you made it public). The file never touches your computer and never gets executed and gets sent to an online service to be scanned.

But the PDF is most certainly infected. What you describe is a very, very common attack. You need to scan the attachment to see how it might have affected your device.

schroeder
  • 123,438
  • 55
  • 284
  • 319
-2

What happened when you opened it with Hotmail (anything suspicious or some spike in CPU usage)?

You could open it in a sandbox environment like a VM (virtual machine). There are Android x32 builds of VMWare, for instance.

I'm not familiar with examples but you could find a computer forensics team or company (which could be expensive, but if you are not tech savvy, it could be the best solution).

schroeder
  • 123,438
  • 55
  • 284
  • 319
kaladont
  • 1
-2

I don't think that there are any sites that analyze emails. If you want to know if it is an Android executable, then check if the extension is .APK. Also if you download it, nothing should happen, if you open it, then it can deploy a virus. So you can download it and upload to Virustotal or another site, but I recommend doing it in VM as @drake said.

schroeder
  • 123,438
  • 55
  • 284
  • 319
Adrian Rudy Dacka
  • 43
  • 7
  • Technically, any PDF is "executable" on Android. I think the OP means if the malware within the file is executable on Android. – schroeder Aug 30 '18 at 09:05
  • That's exactly what I'm wondering. Is the "malware within the file executable on Android" – Jayson Aug 30 '18 at 14:04