There are reports that a new bank account raiding Trojan, called Hesperbot, is doing the rounds. This Trojan uses an old design flaw, found in ALL versions of Microsoft Windows.
These viruses try to trick users into running a malicious Windows executable, cunningly named with a .pdf.exe file extension.
For example, a program named “MyTrojan.pdf.exe” will show as “MyTrojan.pdf” to most Windows users. With the addition of a PDF icon, users are duped into opening what they think is a PDF file.
These type of attacks can be easily vaccinated against with one simple change of settings:
Set your Windows Explorer to show the extensions for known files.
There are a number of ways to access these settings – such as using the Control Panel / Folder Options / View Tab, or from inside Windows Explorer / View / Options / View tab.
Microsoft continues to hide extensions by default. If only they set Windows to show extensions by default, this attack vector would not exist.