Among the most dangerous types of malicious mail are the ones with viruses, malware, ransomware or trojans attached.

These attachments will be disguised as common files such as PDFs, Word files etc.

But downloading an attachment doesn’t need to be a leap of blind faith. Use your email program to investigate these attachment threats FIRST before downloading or opening a file.

Flagged as spam or moved to spam folder

  • If the mail has been automatically flagged as spam, delete any email with attachments if you are not 100% confident you were expecting to receive it.

Do you know and trust the sender?

  • Consider who is sending the file. Do you trust them? Is it an unsolicited email?


  • Look at the file type .exe or .msi files are programs that will run or install.


  • Like programs, beware of .bat, .sh, .js or .cmd files as these will also run if you open them.

Double extensions

  • Look at the file name. If it lists two filetypes in the name i.e. invoice.exe.pdf or report.txt.exe, it is probably a dangerous file.

Zips and archives

  • If it is an unfamiliar format or archive you were not expecting i.e. yourPDF.rar or

Scan with Antivirus

  • If you do download an attachment, right click on it and look for your Antivirus’s Scan options from the context menu.