14 DAY TRIAL // Malware-spreading emails have been spotted in the inboxes of a major industrial company and an electric power organization from Japan.
In both cases, the cybercriminals attempted to trick recipients into installing malware by leading them to believe that the attached files were related to the renewal of their antivirus license.
The email attachments carry document icons, but they’re actually malicious executable files detected by Symantec as Trojan.Dropper.
Once executed, the bogus document drops a backdoor which enables the attacker to take control of the infected device.
Symantec reports that a similar tactic was used against several Japanese airline companies. In those attacks, the malware was disguised as a document called “aviation phraseology data.doc.exe.”
Experts warn that such old tricks can be highly effective in some cases because users tend to forget about best security practices when security solutions block out most malicious emails.