Windows File Explorer offers a lot of options to change how you view files. What you might not know is that one important option is disabled by default, even though it's crucial to the security of your system.
File extensions are important
File extensions are three- or four-letter suffixes that appear after the final period of a file name, such as .txt, .exe, or .pdf. These extensions act as identifiers so that the operating system (and you) can instantly recognize what type of file they are.
Windows uses file extensions to determine which application to launch when you double-click a file. For example, an .exe file will launch an application, while a .docx file will open a Word file in Microsoft Word . Many programs save files with a specific file extension, which can then only be opened in that program (or a compatible third-party tool).
One important advantage of being able to see file extensions is the ability to detect potentially dangerous files. Certain extensions such as .exe, .bat, .cmd, .vbs, and .scr (among others) can be malicious files designed to run malicious code on your system. These files often use file extensions used by legitimate Windows tools and programs, so detecting them can be quite difficult.
Despite their importance, file extensions are hidden by default in all modern versions of Windows. This is done to create a cleaner user interface in File Explorer. However, malware creators often use hidden extensions to disguise malicious executables as harmless-looking documents to trick users into running malware on their PCs, so it’s best to leave them visible.
Show file extensions on Windows
Luckily, showing file extensions on Windows only takes a few clicks. On Windows 11, just open File Explorer with the Windows key + E shortcut , click View in the top bar, hover over Show , and select File name extensions . You’ll see the file extensions for all the files saved on your computer.
If you don't see the top bar in File Explorer, you can also show file extensions from Windows settings. Follow these steps:
Especially if you're using an older version of Windows, Control Panel is also useful for displaying file extensions:
You can also show file extensions by making a small change to the Windows Registry, but you should avoid doing this. The three methods above will work on any version of Windows you’re using in 2025 and are much less error-prone. However, if you want to quickly show file extensions, just run this command in Windows Terminal or PowerShell :
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v HideFileExt /t REG_DWORD /d 0 /fThis command will add the necessary entries to the Windows Registry to tell File Explorer to start displaying file extensions. Remember to refresh File Explorer with the F5 key to see the changes.
How attackers exploit hidden file extensions
As mentioned, hackers often exploit hidden file extensions on Windows to disguise malicious files as harmless files. For example, a file named image.png.exe will appear as a PNG image file in File Explorer with a hidden file extension, when in fact it is an executable file that can run malicious code or malware when launched.
This technique is called a “double extension attack,” and it’s the most common type of file extension attack you’ll see. Fortunately, as long as the file extension is enabled, these malicious EXE files are fairly easy to spot and avoid. However, this isn’t the only technique that tries to use hidden extensions to trick you. Some other common methods include:
|
Technique |
For example |
Describe |
|---|---|---|
|
Right-to-Left Override (RTLO) |
image[RTLO]gpj.exe appears as image.exe.jpg |
The attacker used the Unicode character U+202E to reverse the file name. |
|
Whitespace Padding |
document.pdf[insert 100 spaces].exe |
You can put more whitespace between the fake and real file extensions, so the real file extension will be pushed off the screen even if the file extension is displayed. |
|
Icon Manipulation |
The document.exe file with a PDF icon |
This is a simple technique where criminals will change the malicious file's icon to a more familiar icon, such as a PDF or JPG icon. |
|
PIF file |
document.pif |
The PIF file extension is automatically hidden by Windows, even if file extensions are enabled. However, PIF files are rarely used in modern versions of Windows. |
As you can see, there are a number of tricks an attacker can use to trick you into running a malicious executable file that you might think is an image. However, by spending just a few seconds displaying file extensions on Windows, you can fall for this trick before you accidentally launch any malware on your PC.
File extensions help identify the type of file you're dealing with, but Microsoft's default practice of hiding them in File Explorer leaves an opening for malicious files to disguise as malicious. Don't fall for these tricks! Show file extensions and always double-check a file before opening it, especially if it's from the Internet or you didn't ask for it.
Error code 0xc0000098 in Windows causes a blue screen error on startup. The ACPI.sys driver is often to blame, especially on unsupported versions of Windows 11 like 23H2 or 22H2 or Windows 10.
In some cases, sometimes you start your computer in Safe Mode and the computer freezes. So how to fix the error in this case, please refer to the article below of WebTech360.
Snipping Tool is a powerful photo and video capture tool on Windows. However, this tool sometimes has some errors, such as constantly displaying on the screen.
Every network has a router to access the Internet, but not everyone knows how to make the router work better. In this article, we will introduce some router tips to help speed up the wireless connection in the network.
If the results seem slower than expected, don't be too quick to blame your ISP - mistakes when performing the test can skew your numbers.
In the article below, we will introduce and guide you to learn about the concept of QoS - Quality of Service on router devices.
Windows has a built-in Credential Manager, but it's not what you think it is—and certainly not a replacement for a password manager.
Microsoft charges for its official codecs and doesn't include them in Windows 10. However, you can get them for free without pulling out your credit card and spending $0.99.
While having trouble accessing files and folders can be frustrating, don't panic—with a few simple tweaks, you can regain access to your system.
After creating a USB boot to install Windows, users should check the USB boot's performance to see if it was created successfully or not.
Although Windows Storage Sense efficiently deletes temporary files, some types of data are permanent and continue to accumulate.
You can turn off Windows 11 background apps to optimize performance, save battery and reduce RAM consumption.
When a computer, mobile device, or printer tries to connect to a Microsoft Windows computer over a network, for example, the error message network path was not found — Error 0x80070035 may appear.
We can block Internet access for any application or software on the computer, while other programs can still access the network. The following article will guide readers on how to disable Internet access for software and applications on Windows.
Instead of paying $30 for a year of security updates, keep Windows 10 safe until 2030 with this simple solution.
Error code 0xc0000098 in Windows causes a blue screen error on startup. The ACPI.sys driver is often to blame, especially on unsupported versions of Windows 11 like 23H2 or 22H2 or Windows 10.
In some cases, sometimes you start your computer in Safe Mode and the computer freezes. So how to fix the error in this case, please refer to the article below of WebTech360.
Snipping Tool is a powerful photo and video capture tool on Windows. However, this tool sometimes has some errors, such as constantly displaying on the screen.
Every network has a router to access the Internet, but not everyone knows how to make the router work better. In this article, we will introduce some router tips to help speed up the wireless connection in the network.
If the results seem slower than expected, don't be too quick to blame your ISP - mistakes when performing the test can skew your numbers.
In the article below, we will introduce and guide you to learn about the concept of QoS - Quality of Service on router devices.
Windows has a built-in Credential Manager, but it's not what you think it is—and certainly not a replacement for a password manager.
Microsoft charges for its official codecs and doesn't include them in Windows 10. However, you can get them for free without pulling out your credit card and spending $0.99.
While having trouble accessing files and folders can be frustrating, don't panic—with a few simple tweaks, you can regain access to your system.
After creating a USB boot to install Windows, users should check the USB boot's performance to see if it was created successfully or not.
Although Windows Storage Sense efficiently deletes temporary files, some types of data are permanent and continue to accumulate.
You can turn off Windows 11 background apps to optimize performance, save battery and reduce RAM consumption.
When a computer, mobile device, or printer tries to connect to a Microsoft Windows computer over a network, for example, the error message network path was not found — Error 0x80070035 may appear.
We can block Internet access for any application or software on the computer, while other programs can still access the network. The following article will guide readers on how to disable Internet access for software and applications on Windows.
Instead of paying $30 for a year of security updates, keep Windows 10 safe until 2030 with this simple solution.
