JANUARY 10, 2014
Your regular source of security updates from TrendLabsSM
In This Issue

Security Spotlight
2013’s Most Notable Spam Trends

Security for Home Users
IoE: Boon or Bomb in the Making?

Security for Business
New Spam Technique: .CPL File Use



Security for Business

New Spam Technique: .CPL File Use

Organizations need a comprehensive email security solution that can detect spam and malicious attachments to prevent attackers from potentially stealing crucial data.”



Email remains the primary means of business communication. As such, cybercriminals and attackers often use it to infiltrate corporate networks. As a study said, the majority of organizations and large enterprises use corporate email accounts to send and receive confidential data.

As early as September 2013, we saw a rise in spam with malicious Control Panel (.CPL) files as attachment. In the past, spammers typically used .ZIP or. RAR files as attachment. In a particular financial spam run, the malicious .RTF file attachment came embedded with a malicious .CPL file we detect as TROJ_CHEPRO.CPL. The .RTF file contained a clickable image that, when clicked, ran the malicious .CPL file.

Legitimate .CPL files, when clicked, execute applets found in the Windows® Control Panel. That’s probably why cybercriminals use them more now to spread malware. Some CPL malware like TROJ_CHEPRO.CPL, when executed, download data-stealing malware like TSPY_BANCOS.CVH. It gathers system-related information and text files as well as monitors transactions on sites like PayPal, Facebook, Google, and Hotmail. And as usual, data stolen can be used in future attacks.

Help Protect Your Company from Email Threats

Organizations need a comprehensive email security solution that can detect spam and malicious attachments to prevent attackers from potentially stealing crucial data. Apart from using such, organizations should also establish security policies as well as educate and train their employees to combat attacks that rely on clever social engineering tactics.

Copyright ©2013 Trend Micro Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or registered trademarks of their respective owners. The information contained in this document is subject to change without prior notice.

www.trendmicro.com

  CONNECT WITH US ON: