Share This with your friends and contacts. Help THEM to stay safe:

Why you need to show known file types

For years we have been seeing thousands or even millions of users get infected by opening email attachments where they think that the attachment is a file of a type they are expecting. Everybody gets documents and pictures sent to them, whether it is pictures of your sister’s new baby or a friend telling you about his or her great holiday or night out.

You need to show known file types because you can never rely on just the icon, because that can be faked very easily. You need to look at the file extension every time. Anytime you see a JS or .EXE or .COM or .PIF or .SCR or .HTA .vbs, .wsf , .jse  .jar extension you have to remember that they are programs that run on your computer and are not a picture, video, document or other file that you just look at.

If you have your computer options set at the default that it comes with you, which is not to show known file types, then you  are seriously at risk of being infected.

If you received an email with one of these attachments, what would you do. Along with most people ( unless you are a paranoid security professional who has set show known file types) you would assume that they are what they look like and open them.  Well that is a guaranteed way to get your computer taken over by the bad guys and one of the very nasty latest malwares called Crypto-locker installed on your computer.

show known file types turned off

show known file types turned off





Now If you do a simple tweak to the settings and Set your folder options to “show known file types”.  then  you get these  slightly different looking files when you open the email


show known file types turned on

show known file types turned on






Now you can clearly see that the alleged PDF or DOC or XLS or WAV file is not what it pretends to be. It is a .exe, that is a program that will run on your computer.  The zip file  is genuine  in both cases, and clicking on that will give you a message asking to extract the contents, which was the fake file. BUT you cannot be sure unless you have “show known file types” enabled.

This doesn’t just apply to email attachments. You are just as likely to be infected when you follow a link from an email, personal message, Facebook link or any other web link, that tells you to download a picture, pdf file, word document, video or sound clip.

  • Never open any file directly from a website, always save it to your computer and look very carefully at the file and don’t rely on the icon ( picture of what it is supposed to be).
  • Make sure you have show known file types set.
  • Always look at the final 3 letter  extension to see what type of file it is.

The default for windows is to hide known file types and that way, when you receive an email  or you  click on  a link on a webpage or instant message  that says  open this picture or read this important document, you don’t see the .exe  at the end. Once you set known file types to show, it is much less likely that you will accidentally click on a malware file & open it, thinking that it is a picture from a friend or a document that you are expecting. This shows you how to set it for Windows 7 or Vista  and this for Windows 8  | Windows 10

When you get an attachment ( ANY file) in an email, don’t blindly click on it and NEVER just open it. Always save the attachment to your computer and then scan it with your antivirus.

Share This with your friends and contacts. Help THEM to stay safe:


Why you should set your folder options to “show known file types” — 13 Comments

  1. I received likely-looking email with a zip extension so I opened it, fortunately my anti-virus revealed it had malware/trojan and cleaned it, but unfortunately I had already replied and only realised it was false when I rang court dealing with my case. Hopefully no real damage done but lost a lot of time with it.

  2. Pingback:Best Practices for Safe Computing | Bob The Helper PC Doctor

  3. Hi, I just received this email and clicked on to the attachment.(Please find attached INVOICE number 224245 from Power EC Ltd)

    The attachment showed a blank word document but nothing else that I could see, no zip file or anything.
    As a result, I I did not unzip any files or anything and simply came out of the word document that had appeared when I clicked on the attachment.
    Based on this information, do you think I have infected my computer.

    I have since ran my Avast anti virus scan which picked up a couple of high threats which were subsequently disinfected and cleared.

    Kind regards


  4. Hi, I’ve recieved like that email last year but when I was arranging my emails I found a strange email than stupidly opened it and saved it.
    It was exaclty ” .SCR ” file and i just kept on cliking it cause it wasn’t opened.
    I felt strange than started looking for what the hell is this file.
    does my computer infected? or in danger?
    I’m afraid of my computer getting infected..ㅠㅠ
    I can’t fully understand the above cause i’m not a native english speaker:(
    what do i have to do now……

  5. Pingback:My Online Security | ACH Payment Notification malspam delivers trickbot / dyre banking Trojan

  6. Pingback:My Online Security | Budget forecast malspam delivers Locky with a .shit extension

Leave a Reply

Your email address will not be published. Required fields are marked *