Skip to main content

How to deal with suspicious email attachments safely

As you’re no doubt aware, just because an attachment comes with an email from a friend, that doesn’t necessarily mean that it’s safe. That friend may have had his or her machine compromised by a virus which is now attacking all their contacts, or they may just have sent you something unaware that their PC is compromised. At any rate, any time you receive an EXE file, program, Word doc or PDF file attached to an email – or any file format, for that matter – caution is the best policy.

These sort of potentially dangerous attached files often just look wrong. Some are filled with misspellings and poor grammar. Others relate to institutions or accounts that have no connection with the recipient. Sometimes, though, it's hard to tell, and an attachment can look perfectly legitimate – but you still might be a little suspicious for whatever reason.

One obvious step to take is to email your friend back and double check that they definitely sent the message/attachment (and it hasn’t been automatically fired off by some sort of virus infection).

Another tactic you can pursue any time you're unsure about a file attachment is to get a quick analysis by submitting the file to Virus Total, which will run the file through over 40 antivirus scanners and list its results, usually within a minute or two. You can also request analysis via email by forwarding the message and attachment to and changing the message subject to SCAN. If all 40 scanners report the file is clean, it almost certainly is (though Virus Total does not guarantee that it's harmless). If not, you'll know just what threat was involved, and you can inform the sender.