POP3: .VBE

This signature detects e-mail attachments with the extension .vbe received through POP3. This can indicate an incoming e-mail virus. .VBEs (VBScript Encoded Script File) contain scripts. Attackers can create malicious scripts, tricking the user into executing the file and infecting the system.

Extended Description

Virus and worm authors can exploit .vbe files by inserting malicious code. A target system is compromised if an unsuspecting user opens a malicious .vbe file. Such a file is usually received by e-mail. The impact on the target system is dependent on the instructions contained in the malicious .vbe file.

References

URL: http://www.cknow.com/vtutor/FileExtensions.html http://www.novatone.net/mag/mailsec.htm http://support.microsoft.com/?kbid=235309

Short Name

POP3:EXT:DOT-VBE

Severity

Major

Recommended

False

Recommended Action

Drop

POP3: .VBE

Extended Description

References

Found a potential security threat?