E-mail attachment

An e-mail attachment (or email attachment) is a computer file which is sent along with an e-mail message. The file may be sent as a separate message, but now it is almost universally sent as part of the message to which it is attached. In MIME, the standard Internet e-mail format, messages and their attachments are sent as a single multipart message.

Worms and viruses are often distributed as attachments to e-mail messages. With vulnerable e-mail programs the virus may be activated by viewing or previewing the message; more robust programs only allow infection if the user opens the attachment for execution. Unexpected e-mail with attachments should always be considered suspicious and dangerous, particularly if not known to be sent by a trusted source.

Many organizations prevent incidents by configuring their e-mail servers (and possibly e-mail clients as well) to identify suspicious e-mail file attachments and either remove the attachments from the e-mails or block the e-mails themselves. For example, many organizations block attachments with file extensions that are often associated with malware (e.g., .pif, .vbs) and suspicious file extension combinations (e.g., .txt, .vbs, .htm, .exe). Although this can stop unknown threats, it might also inadvertently block legitimate activity. Some organizations alter suspicious e-mail attachment file extensions so that a recipient would have to save the attachment and rename it before running it, which is a good compromise in some environments between functionality and security.