Executable e-mail attachments -- Educate the end user

Executable e-mail attachments -- Educate the end user

Executable email attachments -- Educate the end user

This tip was submitted to the searchSecurity Tip Exchange by user Rick Pierides. Let other users know how useful it is by rating the tip below.

I work with a lot of clients who cannot afford the luxury of expensive filtering software for their email. So when I make my visits I often take a little bit of extra, gratis time to educate end users on types of executables, how Windows parses the extensions from attachment filenames and how the bad guys attempt to hide the real extension. I like to hand out small post up-sized stickers with a listing of the more common executable extensions as a reminder. Along with current virus signatures and disabling Windows Scripting Host, this has gone a long way toward a much safer and more aware environment for my clients and their employees.

Executable Attachments:
* Windows defines the file type by the letters after the last period; i.e., DIAMONDINV.TXT.vbs
* Lower case extensions can make you miss the real extension. Look!
* The icon should match the file type you are expecting.
* Watch for the ellipses to indicate padded spaces to hide the real extension. DIAMOND.TXT ...

Extensions to be very wary of:
EXE, COM, BAT: Native executables
VBS, VBE: Visual Basic Scripts
JS, JSE: JavaScript
HTA: HTML Application
REG: Registry Files
SHS: Scrap Objects
DOC,XL, XLS, XLA: Office

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

files that might contain Macros
CSLID: Refers to registered controls

A searchSecurity user sent in this comment on Rick's tip:
In regards to Executable e-mail attachments -- Educate the end user, I would only add that it is important to make sure Windows is NOT set to hide file extensions for known file types! Otherwise, there's a good chance you won't read the file extension.


This was first published in June 2001

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

Back to top