Attachments
One of the useful features of electronic mail is that of being able to add files to a document. Such files can be documents, photographs, video clips, music, etc.
Unfortunately, it is also possible to add files that can run a program, usually referred to as “executable” and these can infect your computer with malicious software or perform functions that prejudice your security – by, for example, capturing your logins and passwords.
Every ile (a single document in digital form) has an extension that describes what it is. Extensions are of the format “dot followed by three or more letters”, for example .mp3 describes an audio or music file,
.pdf describes an item as being in Portable Document Format, .jpeg sometimes .jpg describes a graphical item in Joint Photographic Experts Group format, etc.
Why is this an issue?
Opening an attachment that is a form of executable file (software that can run on your device) can infect your computer. Once infected, your device could infect other devices, those of people you share data with. Hackers wanting to penetrate a corporate network often use the faked e-mail identities of someone you know to send attachments including professional quality malicious software that collects logins and passwords and gradually allows them to acquire confidential information and penetrate networks.
What to do about it
Gain an understanding of what the many types of file do and learn to distinguish “safe to open” files from executable files.
A search engine query for “dangerous file extensions” or “malicious file extensions” will return a long list of file extensions including: .exe, .com, .bat, .cmd, .lnk, .vbe, .vbs, .jar and dozens of others. Beware of files that have been compressed to the .zip format as you cannot tell what they contain until they have been decompressed (unzipped). If in doubt about it’s origin check with the sender. If unexpected, delete without opening.
It is good practice to download only files that have a safe-to-open extension and this requires you to ensure the file extension is visible – some operating systems hide file extensions by default and it is up to you, the user, to modify the settings so that they are visible (search engine to the rescue!).
Hackers can change file extension so that they appear to be a safe-to-open one. Ensuring that the true and complete file extension is seen will show files that should NOT be opened. Your antivirus software should be set to scan files as they are downloaded and, in any case, before they are opened.
Attachments to e-mail from people you do not know (and unexpected attachments from people you know) should be treated with care – better safe than sorry… In any case, if you did not expect it, you will not miss it.