Hiding file extensions in Windows carries risks

By default, Windows has hidden file extensions, and this is a security risk as cybercriminals exploit it to trick ordinary people. to open malicious files.


An extension u are the letters that appear immediately after the file name and are used by the operating system to determine which program should be used to open or run the file.

For example, the report.txt file has a .txt extension, which is related to the Windows Notebook program. If you run it then Windows will read the .txt extension and open the associated program, Notepad, and view its contents.

By default, Microsoft decides to hide them file extensions in Windows, so that a file named 'report.txt' will simply appear in the Explorer folder as 'report'.

The original reason for this was probably to cause less confusion to the users, but whatever the reason, it is a security risk that an attacker could use.

To see how hiding file extensions is a security risk, let's take a look at the following folder that contains two files.

With file extensions turned off, they look like the same PDF file, and both have the same name and the same icon.

However, if we enable extensions, we quickly see that they are two different files, one being PDF as expected, but the other being an executable file using a PDF icon.

In this case, the executable υ λογισμικού χρησιμοποίησε σκόπιμα το εικονίδιο PDF, που συνήθως ανοίγει το Adobe , to deceive users who have file extensions disabled, that it is a PDF file.

This does not mean that the strange PDF files you receive via email y may not pose a threat, but downloading executable files masquerading as PDF files should certainly raise more alarms.

As an example of how intruders abuse file extensions, let's take a look at a real phishing message sent to an internet user last year.

This email pretends to be your requested scan, with a ZIP attachment named Scan_002_01.zip.

When we unzip the attachment, we see that it appears to be a harmless PDF file.

However, when we turn it on of file extensions, we see that this is not a PDF file, but an executable file.

With the appearance of file extensions in Windows, we have found that this is not a secure file to run and possibly save to our computer. Probably is a ransomware or malware or it could install backdoors that could have compromised the entire network.

We recommend that our readers allow all file extensions in Windows 10 to be displayed so that they know exactly the type of file they are interacting with.

To enable file extensions in Windows 10, follow these steps:
1. Open Windows 10 File Explorer
2. Go to “View” and tick “File name extensions”

All files displayed on the desktop, in folders, or in File Explorer will now display their extension.

iGuRu.gr The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).