
How to spot disguised malicious files before they infect your computer

Imagine that you get an email from an acquaintance with an MP3 file attached. The email says that this is the best song ever, and you’ll love it. An MP3 is harmless enough, so you download it and try to play it.

You can’t hear any music, but you notice your computer is acting funny. You run a virus scan and it turns out that your computer is infected with a nasty bug. Obviously, the MP3 file was to blame, but probably not in the way you think.


Savvy scammers can manipulate a file’s extension to disguise what kind of file it is. As a refresher, the file extension is the .xyz at the end of a file name. So, an MP3 is .mp3, a video file could be .avi, .mov, .mp4 or something else along those lines, a photo can be .jpg, .bmp, .raw, and so forth.

Then there’s .exe. This is the extension for an executable file, the file that actually runs a program’s code. It’s usually the extension of the file you double-click to install or open a program, and that includes most viruses. Unfortunately, hackers have two ways to disguise .exe files so you don’t spot them until it’s too late.

1. Hidden file extensions

Every modern version of Windows hides file extensions by default. This does make file names look cleaner, but it also makes this scam tactic much harder to spot.

A hacker simply has to name their file “myphoto.jpg” and it looks like a .jpg file. However, if you could see the hidden extension, it would really be “myphoto.jpg.exe”. Fortunately, you can see file extensions with a simple setting tweak.

In Windows 8 and 10, open any folder and click the “View” tab at the top. Check “File name extensions” and you’ll immediately start seeing extensions on every file.


In Windows Vista and 7, open any folder and click “Organize” in the upper left corner.


Go to “Folder and Search Options” and then click the View tab. Uncheck the box that says “Hide extensions for known file types.”


Then click “OK” and now you’ll see the full extension for every file.

2. Reversed file extensions

Showing file extensions doesn’t eliminate the fake file extension problem entirely, though. A savvy hacker can manipulate the name of a file so that it is displayed backward: a special character code applied to the file name turns “3pm.exe” into “exe.mp3”.

Of course, that doesn’t do much to hide an .exe file, but there are other virus-deploying file types, including .bat, .cmd, .com, .lnk, .pif, .scr, .vb, .vbe, .vbs and .wsh. If you see three letters that don’t make any sense just before a file extension, beware.
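Both disguises can be checked for mechanically. The following is an added example, not code from the original article: it flags a harmless-looking extension placed before a risky one, and file names that contain Unicode bidirectional control characters, which is assumed here to be the “special character code” described above (for example U+202E, right-to-left override). The function name, the decoy list and the sample names are constructed for illustration; the risky list is the one given in the article.

```python
import unicodedata
from pathlib import PureWindowsPath

# Extensions the article lists as able to run code on Windows.
RISKY = {".exe", ".bat", ".cmd", ".com", ".lnk", ".pif", ".scr",
         ".vb", ".vbe", ".vbs", ".wsh"}
# Harmless-looking types used as decoys (constructed list, extend as needed).
DECOY = {".mp3", ".jpg", ".bmp", ".avi", ".mov", ".mp4",
         ".pdf", ".txt", ".doc", ".docx"}
# Unicode bidirectional controls that change the display order of a name.
BIDI = {"\u202a", "\u202b", "\u202c", "\u202d", "\u202e",
        "\u2066", "\u2067", "\u2068", "\u2069", "\u200e", "\u200f"}


def check_name(name):
    """Return a list of findings for one file name (empty list = not disguised)."""
    findings = []
    controls = sorted({unicodedata.name(c) for c in name if c in BIDI})
    # Judge the extension on the stored character order, with controls removed.
    logical = "".join(c for c in name if c not in BIDI).rstrip(" .")
    suffixes = [s.lower() for s in PureWindowsPath(logical).suffixes]
    real = suffixes[-1] if suffixes else ""
    if controls:
        findings.append(
            f"bidi control ({', '.join(controls)}); real extension {real or 'none'}")
    if real in RISKY and len(suffixes) > 1 and suffixes[-2] in DECOY:
        findings.append(f"decoy {suffixes[-2]} before real extension {real}")
    return findings


# Constructed sample names, not taken from any real incident.
SAMPLES = ["myphoto.jpg", "myphoto.jpg.exe", "\u202e3pm.exe", "setup.exe"]

if __name__ == "__main__":
    for n in SAMPLES:
        print(repr(n), check_name(n))
```

A plain “setup.exe” is not flagged, because nothing about its name is disguised; the check targets the mismatch between what the name shows and what Windows will run.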

Sound like too much to remember? There are four steps you can take to avoid getting tricked with this method.

1. Have security software installed

This is the first rule for securing any computer system because it eliminates 99 percent of the threats to your computer right away. Even if you do download a disguised malicious file and run it, your security software should catch it before it gets too far.

However, once you download a file, it stands a better chance of getting past your security, either using a flaw in the operating system or another program. That’s why we have the second rule.

2. Don’t download files from email

As a rule, you should never download files from email attachments. If someone sends you an email with an unexpected attachment, call or text them to make sure they really sent it. Even if you recognize the sender, hackers might have taken over their email or it could be a phishing email pretending to be from a recognizable company.

3. Don’t download files from questionable sources

You’re browsing online looking for music, photos, movies, eBooks or other files. Suddenly you find the mother lode of free content you’ve been after!

Before you start the downloading frenzy, take a second to consider the site and why it’s there. It might be someone posting out of the goodness of their heart, or it could be a hacker trap. If the content you’re looking at is less than legal, the chances it’s a trap go up a lot. Even if it isn’t a trap, however, you shouldn’t be stealing anyway.

4. Don’t use an administrator account

This rule requires a little more work, but it’s worth it. There are several kinds of Windows accounts, but it’s likely that you’re using an administrator account. If so, that means you can install programs and make setting changes without having to enter a password. That’s convenient, but it’s also good news for a virus.

Switching your main account over to a standard account instantly makes it much safer. If you try to run a music file or open a photo, and your computer asks for your password so it can install a program, you know something is wrong. You can stop the virus from installing before it starts.

