A file extension is a string of characters preceded by a dot (.) and appended to the end of a computer filename. It usually consists of three (or sometimes four) characters, whose purpose is to identify the file type.
Some examples of common three-letter file extensions are “DOC,” which represents a Microsoft Word document file and “EXE,” which represents an executable file—a computer program that performs (or executes) a specific action (or actions) when opened. An example of a four-letter file extension is “JPEG,” which represents a compressed image file.
The following examples illustrate the format generally used for filenames and extensions:
In the hypothetical filenames above, the portion before the period (or dot, as it’s more commonly known) represents the file’s root name. The extension is added partly to allow computer files to be more conveniently categorized and organized into groups of similar files, which then become easier to locate and access. It can also indicate which computer program is required to open the file.
In theory, at least, filenames also allow the computer user to distinguish between harmless, helpful files and malicious files, which can contain viruses and other types of malicious software. While depending on file extensions to protect a computer from malware isn’t always completely effective, file extensions can often provide clues that something is amiss with a particular file.
For example, simply knowing that a file is an executable file (by the fact that it contains the “EXE” extension) can often help us avoid inadvertently downloading malicious software. If the file we’re interested in downloading presents itself as an informational text file of one sort or another and yet contains the “EXE” extension, that should tell us that downloading that file will execute some type of action which will affect our computer in some way. (And the underhanded nature of the offer should warn us that the action will likely be harmful.)
Again, should we receive an e-mail from an unknown source offering information through a link to a website, and that link contains the “EXE” extension, we can be sure that the individual who sent the e-mail intends to download a file which will execute some sort of action on our hard drive—very likely a devious one. (We can check the actual file extension, even if it’s been disguised by the link’s anchor text, by lightly passing the mouse over the anchor text, without clicking, and checking the real website URL and filename in the status bar at the bottom of our screen.)
While there are ways for computer hackers to disguise file extensions to prevent the recipient from recognizing and becoming suspicious of executable files, whenever we do see the “EXE” file extension, this should be our cue to be very cautious and not to click the link unless we know and trust its source.
Sometimes, files which contain the “DOC” extension are actually malicious files masquerading as Microsoft Word files. If your computer is set to display file extensions, however, you’ll be able to quickly see whether or not an extra extension has been added to the filename after the “DOC” (or other initial) extension, which would signal a file type other than the one indicated by the original extension. (The last extension following the final dot in the filename—when there’s more than one—is the extension that indicates the file’s actual type.)
File extensions can tell us a great deal about a computer file—particularly if we exercise both care and vigilance in evaluating them.