Tag: Gmail

I recently received a PDF file that, when attached to a gmail message, causes a warning to be displayed as follows:

Encrypted attachment warning – Be careful with this attachment. This message contains 1 encrypted attachment that can’t be scanned for malicious content. Avoid downloading it unless you know the sender and are confident that this email is legitimate.

However, I am able to open the file without getting prompted for a password. I followed the advice given in this security stack exchange question and used the pdfid.py program whereupon I got the below output:

$   pdfid.py ~/Downloads/filename.pdf PDFiD 0.2.7 /home/username/Downloads/filename.pdf PDF Header: %PDF-1.6 obj                  402   endobj               402  stream               401   endstream            401 xref                   0 trailer                0 startxref              1 /Page                  0 /Encrypt               1 /ObjStm               15 /JS                    0 /JavaScript            0 /AA                    0 /OpenAction            1 /AcroForm              1 /JBIG2Decode           0 /RichMedia             0 /Launch                0 /EmbeddedFile          0 /XFA                   0 /Colors > 2^24         0 

It would seem to me that since this file contains no JavaScript it is safe to open and handle. But I am puzzled by the encrypted message that Gmail displays. I guess it is related to the /Encrypt flag that’s set on the above output.

Why is Gmail telling me that the file is encrypted even though I can open it without being prompted for a password and would that, on its own, be reason for concern?