Following are potentially dangerous file extensions in e-mail attachments. That means if you click them and launch them, they will execute instructions in your computer. If a friend sends you an executable attachment in an e-mail and says "this is the coolest thing I've ever seen" or something similar... beware! It could be a virus, and your name could have been stolen from your unsuspecting friend's e-mail address book.
The bottom line is that you must know why you are launching any executable file (see list below). There are countless clever phrases used to trick people into clicking an attachment that wipes out their hard disks. Have you backed up lately? See double extension and extension.
The bottom line is that you must know why you are launching any executable file (see list below). There are countless clever phrases used to trick people into clicking an attachment that wipes out their hard disks. Have you backed up lately? See double extension and extension.
FILE EXTENSIONS
Executables (potentially dangerous)
Know what you are opening!
.EXE (machine language)
.COM (machine language)
.VB (Visual Basic script)
.VBS (Visual Basic script)
.VBE (Visual Basic script-encoded)
.CMD (batch file - Windows)
.BAT (batch file - DOS/Windows)
.WS (Windows script)
.WSF (Windows script)
.SCR (screen saver)
.SHS (OLE object package)
.PIF (shortcut to DOS file plus code)
.HTA (hypertext application)
.JAR (Java archive)
.JS (JavaScript script)
.JSE (JScript script)
.LNK (shortcut to an executable)
Text (safe)
.TXT
Images (safe)
Following are common image file types.
There are many others (see graphics formats).
.GIF
.JPG
.BMP
.PNG
.AI
.WMF
.TIF
.EPS
.PCX
.DXF
Data (potential problem)
.XLS (Excel) Can contain macros that execute.
.DOC (Word) Can contain macros that execute.
Other Data (safe)
Data are processed, not executed, and are thus
theoretically safe. There are hundreds of data
file types (see extension).
 | Reproduced with permission from Computer Desktop Encyclopedia. Copyright (c) 1981-2009 The Computer Language Company Inc. All rights reserved. |
Additional Resources
- Why Google released Closure Tools
- another nail in M$ coffinIt seems Google is second to FSF to send M$ to its grave.You are an idiot....First of all did you even read the article...Not only the article makes no senselike your idiotic rant aggainst MS but it contains several errors.AJAX is javascript and is not unique...
- Discussion threads 2009-11-06
- Protest of Swedish domain name rules grows
- Pirate Bay said it is supporting protestors to Sweden's plans to scrutinize all domain name registrations that use "bank" in their name. The Swedish authorities want to prevent people from being duped by phishing scams. The rules would only apply to Swedish .SE extensions but protestors say...
- Blog posts 2009-09-24
- Microsoft plays the security card in response to Google's Chrome Frame
- "Latest" phishing/malware data from NSS Labsapplies to Chrome 2. The most current Chrome is 3.0.195.21. I'm not surprised Microsoft mentions it though; they need to say something. Concering Chrome running inside IE..Yea I think they do, sort of. Correct me if I'm wrong but in Vista and beyond that plugin...
- Discussion threads 2009-09-24
- Does Oracle matter to open source
- only as long as Oracle fights M$the reason OSS is doing very well is because people hate M$ and proprietary software in general.As long as Oracle will fund this insurgency against the evil M$ empire everybody will be better off.Eventually M$ will collapse like the Soviet Union and great days...
- Discussion threads 2009-09-18
- Amazon uses 1984 to free e-books
- Amazon uses 1984 to free e-booksDangerous gambleThey'll get harmonization. But likely to the US level through ACTARE: Amazon uses 1984 to free e-books"In this case the monopoly is copyright, which extends practically to infinity in the U.S., thanks to the Walt Disney Co., but is held to a reasonable length...
- Discussion threads 2009-07-19
- Five IT security pet peeves
- Five IT security pet peevesI feel your pain.I've offered and encouraged people I correspond with to use PGP or some variant thereof many times over the years. Despite its being so easy to use, with plugins for just about every popular mail client, no one will. I think...
- Discussion threads 2009-05-06
- Windows 7 still allows unsafe files to be disguised as safe files
- Windows 7 still allows unsafe files to be disguised as safe filesThey should....Default to show all extensions and give people the ability to hide them if they prefer, not sure why they would, but the option would be there. This is a good point to make and I hope...
- Discussion threads 2009-05-05
- Death to Windows AutoRun!
- Death to Windows AutoRun!autorun was invented for the masses...it's enough tho to follow the linux lead and just put an icon on the desktop representing the cd or dvd. that way you don't have to guess at which drive you put the disk into. linux also does this...
- Discussion threads 2009-04-30
- The Pirate Bay torpedoed
- The Pirate Bay torpedoedThe Pirate Bay verdict ...... thoughts?Even if TPB was completely shut down it wouldn't matter.Piracy will remain as strong as ever and just morph into something even harder to stop.RE: The Pirate Bay torpedoedGood. Enough with the theft of copyrighted material.They may not be so innocent... but...
- Discussion threads 2009-04-17
- Web 2.0 Expo: Top ten Web hacking techniques
- A large portion of the Web 2.0 Expo attendees are focused on content. They want to create better, more engaging content for social media programs and Web engagement with their customers. But the Web and application developers behind this content need to know how to secure it. This is what...
- Blog posts 2009-04-01
- The Mac at 25: GUI battles in business
- The Mac at 25: GUI battles in businessSystem 7 was the worst OS I've ever usedShudder, that thing was S...L...O...W... Well, that's not totally true. It would crash really fast, really often. The whole System 7, 8, 9 line was absolutely terrible. It wasn't until Apple gave up trying to...
- Discussion threads 2009-01-23
- Firefox tops list of 12 most vulnerable apps
- Mozilla's flagship Firefox browser has earned the dubious title of the most vulnerable software program running on the Windows platform. According to application whitelisting vendor Bit9, Firefox topped the list of 12 widely deployed desktop applications that suffered through critical security vulnerabilities in 2008. These flaws exposed...
- Blog posts 2008-12-15
- Google outlines plan for extensions in Chrome
- Google outlines plan for extensions in ChromeYou are on target, GarettI would enjoy using Chrome if it were not for the features it lacks:☻ It lacks common user controls☻ It lacks needed functionalities (like ad-blocking, JavaScript controls, cross-site scripting controls, etc.)☻ It lacks Bookmark management ([i]including[/i] Sort features)☻ It lacks...
- Discussion threads 2008-12-01
- 10 Firefox extensions you can't live without
- Whether you want to speed access to the Web sites you regularly visit, keep better tabs on your tabs, or protect your system from potentially dangerous active content, there's a Firefox extension ready to help you out. Jack Wallen shares his list of favorite time-saving, browser-enhancing add-ons.This download is also...
- Download resources 2008-08-18
- Black Hat Las Vegas Day 2
- Again, sorry for the late updates. Vegas is the kind of place that demands a lot of a person. Too many parties make it difficult to find time to blog on the conference. Pictures of the even are a bit sparse, due to consistently forgetting to bring my camera, but...
- Blog posts 2008-08-09
- '.wow': ICANN to allow almost any domain suffix
- '.wow': ICANN to allow almost any domain suffixDangerous ground[i]However, Twomey told Agence France-Press that the organization will still try to block or reject any domain name that it deems inappropriate for security or [b]moral[/b] reasons.[/i]And just what morality standards will they be using?Personally, It wouldn't bother me if all porn...
- Discussion threads 2008-06-27
- Skype patches security policy bypassing vulnerability
- In a security bulletin issued two days ago, Skype's latest version fixes a File URI Security Bypass Code Execution Vulnerability originally reported by Ismael Briones : Remote exploitation of a security policy bypass in Skype could allow an attacker to execute arbitrary code in the context of the...
- Blog posts 2008-06-06
- OOXML said to win ISO standardization approval with 75 percent of the vote
- OOXML said to win ISO standardization approval with 75 percent of the voteIt's capitalism, all right!A capital offense against mankind.And all the sheep bleat happily as they line up to be sheared.This is fantastic newsThis means that the man on the street can sponsor Penelope and Rupert's riches through their...
- Discussion threads 2008-04-01
- Defeating the Same Origin Policy part 2
- In my first post in this series, I discussed the Same Origin Policy and how it protects us from some very serious attacks, the dangers of domain name based trust, and how to attack implementations of the Same Origin Policy within the Java Virtual Machine JVM. In order to demonstrate...
- Blog posts 2008-03-24
- Poll: Is Microsoft still dangerous?
- The sanctions imposed on Microsoft as part of its settlement with the DOJ and the States (and subsequently ratified by Judge Kollar-Kotelly) are set to expire in November. This has led to a difference of opinion between America's Department of Justice, the federal agency tasked with enforcing American laws at...
- Blog posts 2007-10-25
Neighboring Terms
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer>>
- The best support in the Linux business
-
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
- Learn more >>
- The best support in the Linux business
-
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
- Learn more >>
- The more you simplify, the more you save
-
When you transition from your existing Red Hat environment to SUSE Linux Enterprise from Novell, you can recognize dramatic cost savings, perhaps as much 50%
- Learn more >>
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
- Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
- Linking Decisions and Information for Organizational Performance Read the Tom Davenport study
