Some threats (W32.Phopifas, Trojan.Shylock, and Downloader.Liftoh as a few examples) often use Skype to spread. Users fall victim to social engineering tricks and so download and execute malicious files from Skype.
Is there any additional measure that administrators can put in place to block attacks of this sort?
The malicious files involved are usually named [filename].pdf.exe. The user downloads and executes these files believing that they are a common PDF file.
It is possible to create a defensive policy for Symantec Endpoint Protection's optional Application and Device Control (ADC) component. This policy will prevent the malicious files downloaded by Skype from being executed and causing harm, even if AntiVirus signatures have not yet been created against this specific variant of threat.
Create/Edit an Application and Device Control policy
A pre-built policy file is attached, below. Please note that this file and these steps are provided "as-is" and may not be effective against every new variant or threat.