Hiding file extensions in Windows carries risks

By default, Windows has hidden file extensions, and this is a security risk as cybercriminals exploit it to trick ordinary users into opening malicious files.


A file extension is the letters that appear immediately after the file name and are used by the operating system to determine which program should be used to open or run the file.

For example, the report.txt file has a .txt extension, which is related to the Windows Notebook program. If you run it then Windows will read the .txt extension and open the associated program, Notepad, and view its contents.

By default, Microsoft decides to hide them file extensions in Windows, so that a file named 'report.txt' simply appears in the Explorer folder as 'report'.

The original reason for this was probably to cause less confusion to the users, but whatever the reason, it is a security risk that an attacker could use.

To see how hiding file extensions is a security risk, let's take a look at the following folder that contains two files.

With file extensions turned off, they look like the same PDF file, and both have the same name and the same icon.

However, if we enable extensions, we quickly see that they are two different files, one being PDF as expected, but the other being an executable file using a PDF icon.

In this case, the malware executable intentionally used the PDF icon, which Adobe Reader usually opens, to trick users with file extensions turned off into a PDF file.

This does not mean that weird PDF files you receive via email can be dangerous, but downloading executable files disguised as PDF files should definitely raise more alarms.

As an example of how intruders abuse file extensions, let's take a look at a real phishing message sent to an internet user last year.

This email pretends to be your requested scan, with a ZIP attachment named Scan_002_01.zip.

When we unzip the attachment, we see that it appears to be a harmless PDF file.

However, when we enable the display of file extensions, we see that this is not a PDF file, but an executable file.

With the appearance of file extensions in Windows, we have found that this is not a secure file to run and possibly save to our computer. Probably is a ransomware or malware or it could install backdoors that could have compromised the entire network.

We recommend that our readers allow all file extensions in Windows 10 to be displayed so that they know exactly the type of file they are interacting with.

To enable file extensions in Windows 10, follow these steps:
1. Open Windows 10 File Explorer
2. Go to the "View" tab and check the "File name extensions" option

All files displayed on the desktop, in folders, or in File Explorer will now display their extension.

Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news