Before you even consider opening an email with an attachment, go through the following checklist in your head: Is this an email from someone I know and trust? Check to see if the email is truly from someone or a company you know. To make an email address appear genuine, attackers can subtly change, add, or remove a letter or two. We changed the “L” in Google to capital I in [email protected] as an example. You probably didn’t notice that “I” looks very similar to “l.” There is a distinction between “Il” and “googlemail” (correct) vs “googIemail” next to each other (false). It can be difficult to detect, so you should always be vigilant. Is the attachment something that someone I trust would send me? Consider whether you are expecting a file, a video, or a photo from the sender. What kind of file is this? Before opening any attachment, double-check the file type. Malware and viruses can hide in files with the following extensions: .ade,.adp, .asf, .bas, .bat, .chm, .cmd, .com, .cpl, .crt, .exe, .hlp, .hta, inf, .ins, .isp, .js, .jse, .lnk, .mdb, .mde, .mov, .msc, .msi, .msp, .mst, .pcd, .pif, .reg, .scr, .sct, .shs, .swf, .url, .vb, .vbe, .vbs, .wsc, .wsf, .wsh, Malicious links and macros in Microsoft Office documents (.docx,.xlsx, and.pptx) and PDFs can download malware onto your mobile device or computer. However, the following image, sound, and video formats should be safe:.gif,.jpg,.tif,.tiff,.mpg,.mpeg,.mp3, and.wav. Surprisingly, any text file with the extension “.txt” is completely safe. As a general rule, you should:
Only open email attachments that are expected and from a reliable source.Use Internet security software that scans email attachments for malware and viruses automatically.Delete any messages or attachments that you are unsure about without opening them.
If you follow this guide, you should be able to determine whether or not the email attachment is safe. If you’re not sure, email the sender to confirm they meant to send the attachment and ask if it’s safe, and even if they’ve been hacked.