Definition[edit | edit source]

An e-mail attachment (or email attachment) is

[a] file that has been added to an email — often an image or document. It could be something useful to you or something harmful to your computer.[1]

Overview[edit | edit source]

In MIME, the standard Internet e-mail format, messages and their attachments are sent as a single multipart message.

Worms and viruses are often distributed as attachments to e-mail messages. With vulnerable e-mail programs the virus may be activated by viewing or previewing the message; more robust programs only allow infection if the user opens the attachment for execution. Unexpected e-mail with attachments should always be considered suspicious and dangerous, particularly if not known to be sent by a trusted source.

Many organizations prevent incidents by configuring their e-mail servers (and possibly e-mail clients as well) to identify suspicious e-mail file attachments and either remove the attachments from the e-mails or block the e-mails themselves. For example, many organizations block attachments with file extensions that are often associated with malware (e.g., .pif, .vbs) and suspicious file extension combinations (e.g., .txt, .vbs, .htm, .exe). Although this can stop unknown threats, it might also inadvertently block legitimate activity. Some organizations alter suspicious e-mail attachment file extensions so that a recipient would have to save the attachment and rename it before running it, which is a good compromise in some environments between functionality and security.

References[edit | edit source]

  1. Cyber Risk and Insurance Forum (CRIF) Cyber Security Glossary (full-text).

This page uses Creative Commons Licensed content from Wikipedia (view authors). Smallwikipedialogo.png
Community content is available under CC-BY-SA unless otherwise noted.