Other issues in this category (64)
To spread malware over removable media, criminals often abuse the autorun feature, use hidden files and resort to social engineering tricks. For example, they take advantage of the fact that in Windows, file extensions, which indicate what type of file is involved, are hidden by default.
For example, should we beware of the file kitty.jpg? Of course we should because in reality it can be kitty.jpg.exe—and, as you know, that changes a lot.
Another malicious program paid a visit to one of our offices.
A machine infected with some malware created a file named New Folder.exe on a thumb drive.
And because filename extensions are usually hidden in Windows Explorer, users only see "New Folder" and the standard folder icon.
Actually, it’s not a folder but a file. You can check this easily: just view the properties of this "New Folder".
We can see that this is an application, i.e., an executable file in the guise of a folder.
The idea is simple: the user sees a new folder on the flash drive, clicks on it to view its contents, and through those finger movements actually install the malware on their own computer.
When Dr.Web scans files, it doesn't factor in their name extensions. Rather, it analyses file contents. It opens files and analyses their structure to determine what kind of files they are.
This also decreases file scanning time because once the file type is determined, only the necessary routines need to be applied.
To prevent Windows from hiding filename extensions, open Folder options. Unfortunately, the location of these settings is different under different versions of Windows. In Windows 7 you need to open the Control Panel, select Folder Options and move to the View pane. Under Windows 10, open File Explorer, go to View, select Options and choose Change folder and search options.
To see extensions, clear the Hide extensions for known file types checkbox.#Windows #malware #social_engineering #removable_media #terminology
Configure your system so that you can see hidden files and extensions.