Skip to content

Malicious Email Attachments

Every so often, I get an email forwarded to me by a friend, client, or colleague, about the latest email circulating with a malicious attachment designed to entice people to click on it to launch a pernicious piece of malware. They always ask the same thing, “Is this for real?” Some of the warnings are hoaxes made up by people with too much time on their hands, but many are about real threats. Regardless, the concept is constant: If you click on an email attachment, it could trigger a nasty payload. Here is a recent example
Unfortunately, malware purveyors have gotten quite clever over the years, by latching onto interesting topics — Obama, Sarah Palin, swine flu, etc. Remember Anna Kournakova? The sender could appear to be a friend, prospective client or employee, the IRS, etc.

Microsoft makes it easy for malware distributors to trick people into clicking on malicious email attachments, by hiding extensions for known file types. For example, some slimeball could send you an email with an attachment named resume.doc.exe, and it would appear as resume.doc. Even Windows 7, the next generation operating system from Microsoft, has this “feature.” Thanks, Microsoft.

How do you fix this giant security hole Microsoft put on your computer? Go into the Control Panel, and open Folder Options. Next, click on the View tab, and UNCHECK Hide extensions for known file types, then click on OK. That will help, but will not substitute for caution.

Posted in Information Security, Technology.

Tagged with .

4 Responses

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.

  1. Martin Larry says

    Thanks! Great advice. I’ll be back for more.

    • Cayle says

      Stay with this guys, you’re helping a lot of peolpe.

    • Trish says

      You’re a real deep thinker. Thanks for srhinag.

  2. Janess says

    IJWTS wow! Why can’t I think of tghins like that?