This tip was submitted to the searchSecurity Tip Exchange Contest by user Marc Deschenes. Let other users know how useful it is and help Marc win a prize by rating the tip below.
Learn and follow these two simple steps, and you won't have to be afraid of attachments.
1. Don't allow Windows to hide file extensions (those three letters after the "." in the filename).
Why Microsoft ships Windows with its default settings being the most dangerous they can be is a mystery to all of us. Well, I suppose it helps to keep the antivirus companies in business. :-O
By default, Windows is set to hide file extensions of known file types. What this means to you is that you are easy prey to the most common type of e-mail virus tactic, which is to mail an attachment with a filename that looks like something that it is not. The trick is that the virus hackers will simply name the file in such a way as to appear to be a JPG or something harmless, because they know that most peoples' systems will not show the actual file extension. For example, if your system is hiding file extensions, a file attachment of "MyDog.JPG.VBS" will appear in your e-mail program as "MyDog.JPG," which leads you to believe that it is simply a picture, when in fact it is a VB script (a program that can do whatever the virus writer wants if you decide to double-click on it). So, let's change the system setting that determines if file extensions are displayed or
Requires Free Membership to View
SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!
Michael S. Mimoso, Editorial Director
not.
To keep Windows from hiding file extensions, do this:
Depending on which folder you had selected when you started Windows Explorer, you might immediately notice that you can now see the file extensions for all your files (that you couldn't see before). Actually, there are still some file types that Windows insists on hiding from you, but for our purposes today, this new setting will suffice. To learn more, go to http://apcsnh.com/vacm/.
2. NEVER just double click file attachments in e-mails directly!! There's a safer way...
Whenever I get file attachments, here's what I do:
So, what good did all that do?
Well, first you got the most up-to-date virus protection. Then, by doing the "Save As" you actually gave your antivirus software a chance to scan the file as it was being written to your disk (desktop or folder you chose). That's right -- you made sure that your antivirus had a chance to look at the attachment.
Plus, you got to see exactly what the filename was when you did the Save As. If the filename ended in .VBS or .VBE or .PIF or .LNK or .SCR or .EXE or .CMD or .BAT, these are highly suspect. Go ahead and do the Save As to let the virus scan happen, but you might still want to just delete the e-mail since nobody has any business sending you a file of this type, unless they are trying to get you to execute a virus program, that is.
By the way, if you get an .EXE or one of the other suspect file types, and it came from someone you know, you might just e-mail them back and ask if they sent it to you and what it is. Then wait for their reply before opening it. They may not know they sent it to you if their system has a virus quietly sending infected e-mails to everyone they know.
If the Save As completes without generating a warning from your antivirus and it is really a valid file (such as a .DOC or .TXT or .XLS), only then should you consider opening the attachment. You can double click on it from the e-mail message, or you can double click the copy you saved to your desktop. Either way, when you are done with the file, you have a copy on your desktop that you can either delete or move to a folder of your choice if it is something you wish to keep.
Follow these two simple tips always and never fear a file attachment again!
This was first published in March 2002