Tips for Spotting Malicious Email Attachments

21 May

Dangerous email attachments can put anyone’s information at risk: you, companies, and even government agencies. Sure, email servers do their best to scan for malware and filter out spam, but it’s not always enough. Sometimes threatening emails make their way through. With that in mind, it’s time to get some skills at detecting these threats before you make the mistake of opening the attachments. Here, we outline some common warning signs to keep a look-out for when checking your email.

File Extensions

This is a big one. The easiest way to detect a malicious file is to look at its file extension. The scariest file extension is the email spam.exe (executable) file. It’s an actual program that could begin to download or execute some other protocol on your computer without your permission. Although many email clients will block these emails with their firewalls, one can get through. Never open an .exe file attachment.

There are also other file attachments to look out for: .msi, .bat, .com, .cmd, .hta, .scr, .pif, .reg, .js, .vbs, .wsf, .cpl, .jar and others. The best thing to do, of course, is to refrain from opening any email attachments from unknown sources.


Look at who the email is coming from. Even a known sender could have had their account hacked. Unless you’re expecting an email with an attachment from a friend or coworker, do not open it. These days, it’s really common for threatening attachments to come in the form of a macro-enabled Word document, so be on the lookout for those.

Again, exercise common sense and caution. If your boss told you she would be sending you a macro-enabled document or spreadsheet, you have nothing to worry about. When in doubt, give the sender a call or another email. Just asking them could save you the headache of dealing with a virus or other malware.

Pay Attention to Warnings

If you’re antivirus software is sending you an alert to flag the email or a file you just downloaded, listen to it. That’s what the program exists to do. Hopefully, it doesn’t get to this point. Your email client’s spam blockers and firewalls should do a good job of letting you know when something looks suspicious.

Always exercise reasonable caution when opening any email. Be sure you know the sender, and do not open any unexpected attachments. When in doubt, call the sender to be sure they meant to send you the attachment. These easy tips will keep your information and computer safe from harm – and this goes for your smartphone too!

No comments yet.

Leave a Reply