Are you seeing double?

Question : if you received this file in an email and saved it to your desktop, would you open it?

Looks innocent enough right? And it has a name about a topic that most people would be very curious to read about.

When you buy a new computer, do you take measures to set it up so that it is secure, such as installing anti-virus software and/or firewall program, deleting pre-installed apps that you won't need, etc.?

Most people don't. They plug it in and off they go.

What many people don't realize is that most computers come with a default setting to not show file extensions on the desktop or in the file explorer. So if a user had a Word document named Important Questions on their desktop it would show as Important Questions (with the Word program icon) and not Important Questions.docx.

Believe it or not, this plays right into the hands of bad actors. They don't want you to take those few extra moments to secure your computer. It makes their job of getting into your system that much harder if you do.

And you definitely should take those few extra moments, because then you would see that the full name of the file pictured above is actually 

Look at the file name again. See anything unusual?

The file name actually includes 2 file extensions at the end.

Using a double file extension like this is another common attack vector employed by bad actors. This file isn't an Excel file at all, it's an HTML file that would take you to a malicious site if you double clicked it.

It only takes a few seconds to enable file extensions so that they show on your system.

To enable file extensions in Windows, you have several options:

1. Open File Explorer

2. Click the View tab

3. In the Show/hide group, select the File name extensions check box.

You can also enable by going to Folder Options:

1. In the Start menu, search for 'folder options'

2. Click the View tab

3. Uncheck the 'Hide extensions for known file types' box

If you use Linux, you will need to search for the instructions for your specific version of Linux. Most versions have it automatically but each version is different and the steps may vary a bit.

A few seconds is all that might separate you from clicking or not clicking a malicious file that appears to be safe.

It's a dangerous world out there! Think secure and stay safe!

Until next time......Code Geek out!