How to spot disguised malicious files before they infect your computer
Imagine that you get an email from an acquaintance with an MP3 file attached. The email says that this is the best song ever, and you’ll love it. An MP3 is harmless enough, so you download it and try to play it.
You can’t hear any music, but you notice your computer is acting funny. You run a virus scan and it turns out that your computer is infected with a nasty bug. Obviously, the MP3 file was to blame, but probably not in the way you think.
Note: Need to protect your files? IDrive lets you backup data on every internet enabled gadget in one account. This means you get one account for your computers, laptops, tablets, phones as well as your online accounts like Facebook and Instagram. Click here to learn more about IDrive and use promo code KIM to save 50 percent on 2 TB of your cloud backup!
Savvy scammers can manipulate a file’s extensions to disguise what kind of file it is. As a refresher, the file extension is the .xyz at the end of a file. So, an MP3 is .mp3, a video file could be .avi, .mov, .mp4 or something else along those lines, a photo can be .jpg, .bmp, .raw, and so forth.
Then there’s .exe. This is the extension for an executable file, which is what actually executes the program’s code. It’s usually the extension of the file you double-click to install or open a program, including most viruses. Unfortunately, hackers have two ways to disguise .exe files so you don’t spot them until it’s too late.
1. Hidden file extensions
Every modern version of Windows hides file extensions by default. This does make file names look cleaner, but it also makes this scam tactic much harder to spot.
A hacker simply has to name their file “myphoto.jpg” and it looks like a .jpg file. However, if you could see the hidden extension, it would really be “myphoto.jpg.exe.” Fortunately, you can see file extensions with a simple setting tweak.
In Windows 8 and 10, open any folder and click the “View” tab at the top. Check “File name extensions” and you’ll immediately start seeing extensions on every file.
In Windows Vista and 7, open any folder and click “Organize” in the upper left corner.
Go to “Folder and Search Options” and then click the View tab. Uncheck the box that says “Hide extensions for known file types.”
Then click “OK” and now you’ll see the full extension for every file.
2. Reversed file extensions
This doesn’t eliminate the fake file extension problem entirely, though. A savvy hacker can actually manipulate the name of a file so it appears backward. So they can apply a special character code to the file name that turns “3pm.exe” into “exe.mp3.”
Of course, that doesn’t do much to hide an .exe file, but there are other virus-deploying file types, including .bat, .cmd, .com, .lnk, .pif, .scr, .vb, .vbe, .vbs and .wsh. If you see three letters that don’t make any sense just before a file extension, beware.
Sound like too much to remember? There are four steps you can take to avoid getting tricked with this method.
1. Have security software installed
This is the first rule for securing any computer system because it eliminates 99 percent of the threats to your computer right away. Even if you do download a disguised malicious file and run it, your security software should catch it before it gets too far. Here are 5 signs your computer might have a malware infection.
However, once you download a file, it stands a better chance of getting past your security, either using a flaw in the operating system or another program. That’s why we have the second rule.
2. Don’t download files from email
As a rule, you should never download files from email attachments. If someone sends you an email with an unexpected attachment, call or text them to make sure they really sent it. Even if you recognize the sender, hackers might have taken over their email or it could be a phishing email pretending to be from a recognizable company.
3. Don’t download files from questionable sources
You’re browsing online looking for music, photos, movies, eBooks or other files. Suddenly you find the motherload of free content you’ve been after!
Before you start the downloading frenzy, take a second to consider the site and why it’s there. It might be someone posting out of the goodness of their heart, or it could be a hacker trap. If the content you’re looking at is less than legal, the chances it’s a trap go up a lot. Even if it isn’t a trap, however, you shouldn’t be stealing anyway.
4. Don’t use an administrator account
This rule requires a little more work, but it’s worth it. There are several kinds of Windows accounts, but it’s likely that you’re using an administrator account. If so, that means you can install programs and make setting changes without having to enter a password. That’s convenient, but it’s also good news for a virus.
Switching your main account over to a standard account instantly makes it much safer. If you try to run a music file or open a photo, and your computer asks for your password so it can install a program, you know something is wrong. You can stop the virus from installing before it starts. Learn how to set up your Windows accounts for safety.
Bonus tip: In case your computer does get infected with malware, you need to have your data protected. Our sponsor, IDrive, lets you backup all your PCs, Macs and mobile devices into ONE account for one low cost!
IDrive plans start at just $5.95 per month for 2 TB of storage, and there’s even a free option for up to 5GB of storage! Click here and use promo code KIM to receive a special discount of 50 percent.
More from Komando.com
What is Facebook cloaking, and why is it so dangerous?
Phishing emails tricking people into falling for tech support scams
3 ways to clean up your Mac and make it run better
Your Macintosh computer is your workhorse. It needs to be ready at a moment’s notice, and dish out extensive tasks on a day to day basis.
Having slow performance on your Mac can grind projects to a halt. It can also just about drive you crazy.
Best free (and low-cost) video editors used by the pros
A popular free video editor is biting the dust, but that doesn’t mean you’ll be left without options. These editing programs will help you turn your footage into compelling videos. And, the best part is, they’re free to use, or only cost a few bucks to download.
5 amazing things you can do with Google Assistant
How in the world did we manage to survive for a millennium without voice-activated virtual assistants? For Android phone users I have great news! There’s an easy way to get help. It’s called Google Assistant. Here are some system requirements you need to know about before you start using it.
Easiest way to find lost product keys needed to install software
It’s no secret, keeping track of software keys, codes and licenses can be a pain. These long, random sets of characters can be printed on a label, an old software CD case or stashed in an email somewhere. But, not having them can be a huge problem if you have to reset your computer. Here’s a little trick to find what you need easily.
10 incredible things you didn't know your Android could do
Whether you’re new to the Android world or have been in Google’s ecosystem since the beginning, you’re guaranteed to find something you didn’t know about your smartphone and tablet’s operating system in this tip. From ways to customize your device, to settings you can’t afford to overlook, I’ve rounded up all the essentials.
Hackers use the sites you visit daily to attack you - Protect yourself with these tips
You know not to visit shady sites, which is why hackers have found ways to attack you through sites you might visit daily. Find out how they do it and how to stay safe.
Malware stealing data from more than 40 popular apps
Facebook, WhatsApp, Skype, Firefox and more – just think of all the private data you enter into these apps. Well, right now there’s a form of malware that’s secretly stealing that data and passing it along to hackers. How is this malware infecting devices, and is there anything you can do to stop it?
3 ways your smartphone can be hacked without you knowing
It’s more important than ever to be vigilant with online security as hackers are finding new creative ways to steal your information. Savvy digital thieves can target your smartphone without you even knowing about it, which leaves your sensitive data at risk. That’s why we’ve put together this list of things to watch out for.
Types of ransomware targeting mobile devices
Watch out! People are getting hit by ransomware on their phones and tablets. Once this happens, your phone or tablet is totally locked until you pay the hackers a ransom.
5 tips every Windows 10 user needs to know
Windows 10 is a good operating system, but it can always be better. Whether you’re about to install it, or you’ve been using it for a while, here are five things you need to change to get more from your computer or laptop.
3 essential security tasks to do right now
With just a few basic security steps, you can stop most of the threats aimed at you. And once you get your security set up, it doesn’t take much effort to maintain. That leaves you free to focus on the big threats with less worry.
5 ways to use less data on your smartphone (No. 4 will make a huge difference)
It’s easy to go over your data limit when you’re streaming shows on Netflix or downloading songs, videos and other media files. After all, we pay good money for wireless internet access, so we want to use these features to the fullest potential. But if you never think about how to use less data on your smartphone, overage charges will slap you in the face.
5 Windows 10 secrets you need to know now
Windows 10 has grown in popularity, but have you taken the time to start learning the ins and outs? It has some incredible features that will help you find things faster and get more done. Here are five of my favorites.
Samsung Smart TV security flaw leaves it open to hackers
Your television is one of the last places you’d expect to find malware, but a major flaw in this top brand has created an open door for hackers. You won’t believe how easy it is for these TVs to be infected.
Popular antivirus program mistakenly IDs Windows as a threat, chaos follows
Your anti-virus software has one job: Protect your computer against malware. But one overzealous anti-virus program is improperly flagging Windows files and safe websites like Facebook as malicious. Here’s how to stop this faulty software from throwing your device into a complete meltdown.
5 ways you're ruining your computer without realizing it
We often take our computers for granted. We interact with them so much and rely on them so heavily, we forget what can happen when they stop working.
There are countless ways we sabotage ourselves by overloading the computer with useless data, ignoring regular maintenance and forgetting to take routine security precautions. In short, many of us are destroying our computers, one tiny mistake at a time.
This 'popping noise' from your laptop isn't a good sign
After mixed reviews and battery issues out of the gate, Apple’s latest versions of the MacBook Pro weren’t the runaway hits fans had hoped for.
The new laptops are touted as the thinnest and lightest MacBook Pros ever made, and, with the addition of significant hardware upgrades like the OLED Touch Bar and Touch ID sensor, they’re certainly the most advanced.