As far as phishing goes, few things are more effective than popping a medium sized law firm and sending form letters from their (legit) systems as a real person.
Click-through rate for a technically legitimate "you are party to a lawsuit" email must be sky high.
Odd question. Why would a webviewer be safer in this case?
edit: Thank you for both answers. I thought it had to do with sandbox rationale, but couldn't mentally get past the fact that sandbox could potentially be escaped too. Eh, I think it is time for sleep.
If it's rendering locally, at least the browser is sandboxed. And if it's rendering server-side, then at worst someone else's machine gets compromised instead of yours.
Safer: definitely. Given that the collective amount of PDF attacks is some number, now this particular PDF needs to attack PDF and the webviewer. Assuming that 1% of all PDFs do that, I'd say it's 100 times safer than not using a webviewer.
If you still think that 1% of all potential PDF attacks is too unsafe, then that's a different discussion.
If you think my 1% is off, then that's a different discussion too. All I'm saying is that it's safer.
True, but in most cases this is assumed to be a popular PDF reader. If it is specifically targeting a webviewer, I agree. But that still means that there is some JS PDF parser in between, though that provides very little in terms of security, I doubt that such a parser will check for malicious input.
On macOS, the PDF reader Preview.app runs sandboxed by default.
The Preview.app sandbox is not quite as secure as what is used by browsers such as Firefox or Chrome on macOS for web content, so there is probably still a benefit to viewing PDFs in the browser, depending on whether the browser or PDF viewer is more hardened against these attacks.
I don't open any files on my PC from people I don't personally know -- use webviewers.