Why you need to show known file types

For years we have been seeing thousands or even millions of users get infected by opening email attachments where they think that the attachment is a file of a type they are expecting. Everybody gets documents and pictures sent to them, whether it is pictures of your sister’s new baby or a friend telling you about his or her great holiday or night out.

You need to show known file types because you can never rely on just the icon, because that can be faked very easily. You need to look at the file extension every time. Anytime you see a .EXE .COM or .SCR extension you have to remember that they are programs that run on your computer and are not a picture, video, document or other file that you just look at.

If you have your computer options set at the default that it comes with you, which is not to show known file types, then you  are seriously at risk of being infected.

If you received an email with one of these attachments, what would you do. Along with most people ( unless you are a paranoid security professional who has set show known file types) you would assume that they are what they look like and open them.  Well that is a guaranteed way to get your computer taken over by the bad guys and one of the very nasty latest malwares called Crypto-locker installed on your computer.

show known file types turned off

show known file types turned off

 

 

 

 

Now If you do a simple tweak to the settings and Set your folder options to “show known file types”.  then  you get these  slightly different looking files when you open the email

 

show known file types turned on

show known file types turned on

 

 

 

 

Now you can clearly see that the alleged PDF or DOC or XLS or WAV file is not what it pretends to be. It is a .exe, that is a program that will run on your computer.  The zip file  is genuine  in both cases, and clicking on that will give you a message asking to extract the contents, which was the fake file. BUT you cannot be sure unless you have “show known file types” enabled.

This doesn’t just apply to email attachments. You are just as likely to be infected when you follow a link from an email, personal message, Facebook link or any other web link, that tells you to download a picture, pdf file, word document, video or sound clip.

  • Never open any file directly from a website, always save it to your computer and look very carefully at the file and don’t rely on the icon ( picture of what it is supposed to be).
  • Make sure you have show known file types set.
  • Always look at the final 3 letter  extension to see what type of file it is.

The default for windows is to hide known file types and that way, when you receive an email  or you  click on  a link on a webpage or instant message  that says  open this picture or read this important document, you don’t see the .exe  at the end. Once you set known file types to show, it is much less likely that you will accidentally click on a malware file & open it, thinking that it is a picture from a friend or a document that you are expecting. This shows you how to set it for Windows 7 or Vista  and this for Windows 8

When you get an attachment ( ANY file) in an email, don’t blindly click on it and NEVER just open it. Always save the attachment to your computer and then scan it with your antivirus.

 



 

Leave a Reply

9 Comments on "Why you should set your folder options to “show known file types”"

Notify of
avatar
10000

Sort by:   newest | oldest | most voted
D Dempsey
Guest
D Dempsey
15 August 2014 5:19 pm 5:19 pm

I received likely-looking email with a zip extension so I opened it, fortunately my anti-virus revealed it had malware/trojan and cleaned it, but unfortunately I had already replied and only realised it was false when I rang court dealing with my case. Hopefully no real damage done but lost a lot of time with it.

trackback

[…] Avoid peer-to-peer (P2P) file sharing programs (i.e. Limewire, eMule, Kontiki, BitTorrent, BitComet, uTorrent, BitLord, BearShare). They too are a security risk which can make your computer susceptible to malware infections. File sharing networks are thoroughly infested with malware according to security firm Norman ASA and many of them are unsafe to visit or use. Malicious worms, backdoor Trojans IRCBots, and rootkits spread across P2P file sharing networks, gaming, porn and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans, and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. If you must use file sharing, scan your downloads with anti-virus software before opening them and ensure Windows is configured to show file extensions – Why you should set your folder options to “show known file types”. […]

Anonymous
Guest
Anonymous
1 September 2014 9:38 am 9:38 am

Anybody have idea how to remove whatever it installed? the post is just how to prevent from it but not suggesting how to get rid of it..

Jon
Guest
Jon
11 September 2014 10:00 am 10:00 am

Helpful document…except it doesn’t give a step-by-step process on how to do this!

Neil
Guest
Neil
8 December 2014 5:12 pm 5:12 pm

Hi, I just received this email and clicked on to the attachment.(Please find attached INVOICE number 224245 from Power EC Ltd)

The attachment showed a blank word document but nothing else that I could see, no zip file or anything.
As a result, I I did not unzip any files or anything and simply came out of the word document that had appeared when I clicked on the attachment.
Based on this information, do you think I have infected my computer.

I have since ran my Avast anti virus scan which picked up a couple of high threats which were subsequently disinfected and cleared.

Kind regards

Neil

alice
Guest
alice
2 August 2015 2:19 pm 2:19 pm

Hi, I’ve recieved like that email last year but when I was arranging my emails I found a strange email than stupidly opened it and saved it.
It was exaclty ” .SCR ” file and i just kept on cliking it cause it wasn’t opened.
I felt strange than started looking for what the hell is this file.
does my computer infected? or in danger?
I’m afraid of my computer getting infected..ㅠㅠ
I can’t fully understand the above cause i’m not a native english speaker:(
what do i have to do now……

wpDiscuz