Tuesday, June 2, 2009

Dangerous Email File Attachments You Should Be Aware Of

http://www.pcmech.com/article/email-file-attachments-you-should-not-open/It is easy to catch flu, if you do not make necessary precautions. It is easy to infect your computer with unwanted disease, like virus or less destructive, but nevertheless very annoying malware. Rich Menga’s recommendations on how to handle certain file attachments are simple and straightforward: never open them. But the expectations that people would follow this advice would be unreasonable, taking in account the amount of video, audio, and other types of information being exchanged between computer users.


Being far from the anti-virus paranoia, I would definitely think twice before opening, even thou I am personally equipped with heavy arsenal of anti-virus, anti-trojan, and all other anti-tools. It is always easier to prevent infection than to clean your computer after.

Among the email attachment extensions that should not be opened at all, or if completely necessary, should be open in the special secure environment, are:

Very Dangerous File Formats

.reg Possible Windows registry attack

.chm Possible compiled Help file-based virus

.cnf Possible SpeedDial attack

.hta Possible Microsoft HTML archive attack

.ins Possible Microsoft Internet Comm. Settings attack

.jse Possible Microsoft JScript attack

.lnk Possible Eudora *.lnk security hole attack

.ma_ Possible Microsoft Access Shortcut attack

.pif Possible MS-Dos program shortcut attack

.scf Possible Windows Explorer Command attack

.sct Possible Microsoft Windows Script Component attack

.shb Possible document shortcut attack

.shs Possible Shell Scrap Object attack

.vbe or .vbs Possible Microsoft Visual Basic script attack

.wsc .wsf .wsh Possible Microsoft Windows Script Host attack

.xnk Possible Microsoft Exchange Shortcut attack

.scr Possible virus hidden in a screensaver

.bat Possible malicious batch file script

.cmd Possible malicious batch file script

.cpl Possible malicious control panel item

.mhtml Possible Eudora meta-refresh attack

Deny all other double file extensions. This catches any hidden filenames.

Dangerous File Formats

.EXE, .COM

Most email servers outright ban the use of sending .EXE files and there is a strong reason of doing so since executable Windows files can easily lead to the most severe consequences to your computer. Even if you do not see the negative effect immediately, you cannot be sure that the installed possible software spy/terrorist has not started its destructive activities. If you need to test the file badly for some reason, open it in a virtual machine environment. And if it blows that up, no big deal because you can just kill the session and create another one.

.ZIP, .RAR, .ARJ

These extensions (and some other) represent the archives. Everything can be compressed – from innocent document to virus bomb. While many security specialists recommend directing these files into trash bin right away, I would not be so conservative. It all depends… Just review the content of the archive before opening it.

.PDF, .DOC, .XLS

These document files formats are considered absolutely safe in our communication world. However, it is not absolutely true assumption. Microsoft Office files may contain hidden elements anything from simple macro viruses (relatively harmless but annoying) to full-blown malicious code. To play absolutely safe, you can open the documents at Google Docs instead of opening them on your own PC.

.WMV, .ASF, .ASX, .MOV

WMV is Windows MediaVideo. ASF is Advanced Systems Format. ASX as Advanced Stream Redirector format. MOV is the Apple Quicktime Movie format.

All of these are video formats, and of them routinely contain malware. You should be careful opening this sort of files from unfamiliar (or even familiar) sources. If you are suspicious on the possible infection, but you still want to be sure, you can upload it to YouTube as a private video and watch it that way. That way, no malware code will be launched on you computer.

.DLL

Dynamic Link Library. Can be used for a variety of tasks associated with a program. DLLs typically add functions to programs. Some contain executable code; others simply contain functions or data but you can't tell by looking so all DLLs should be scanned.

.MSI, .MSP

Microsoft Windows Installer Package and Microsoft Windows Installer Patch. Both files contain code and might carry the same threat as executable package.

Safe File formats

Any image (BMP, GIF, JPG/JPEG, TIF/TIFF)

To the best of my knowledge there is no malicious code that can be executed from a static image format.

HTML formatted email

Both local and web based email clients have become "smart" enough not to load images, or any other "bad" stuff, automatically.

Audio files (MP3, WAV)

I have never received a virus or been infected with malware from a static audio file.

And finally if you receive an email with an unknown to you file attachment, make search to understand what is that, and only than decide whether to open it or not.

No comments:

Related Posts Plugin for WordPress, Blogger...