IT services Trois-Rivières

You receive an email with an attachment named invoice.pdf. You double-click it, and instead of a document, a virus installs itself. The problem: the real file name was invoice.pdf.exe, but Windows 11 had hidden the ".exe" part. You never saw the trap coming.

This missing setting is costing individuals and small and medium-sized businesses (SMBs) hours (and sometimes much more) throughout the Mauricie region. The good news is that it can be fixed in about ten seconds. Here's how to display file extensions in Windows 11, why it's a basic security practice, and how to use it to spot a malicious file before it causes damage.

Quick answer: Open File Explorer, click the "View" menu in the top bar, go to "View," and then check "File name extensions." That's it. You now see the true type of each file (.pdf, .docx, .exe), which helps you avoid disguised files.

1. What is a file extension?

The extension is the short string of letters after the period at the end of a filename. It tells Windows what type of file it is and which program to use to open it. You encounter it every day without always noticing it:

  • .docx or .doc : a Word document
  • .xlsx : an Excel workbook
  • .pdf : a PDF document
  • .jpg or .png : an image
  • .exe, .msi, .bat : a program that runs on your computer

It's these last three that pose a risk. An image file or a PDF simply displays content, whereas an executable file can install software, modify your system, or launch ransomware. Being able to distinguish between the two at a glance is already a layer of protection.

2. Why does Windows 11 hide them by default?

For the sake of simplicity, Microsoft hides the extensions of known file types during installation. The initial idea was to present a cleaner interface to the general public. The problem is that hackers have long since figured out how to exploit this setting.

When the extension is hidden, a file called contract.pdf.exe appears simply as contract.pdf. By adding a fake PDF icon, the hacker tricks you into thinking it's a harmless document. You double-click it in good faith, and the malware runs. This is one of the oldest and most effective techniques for spreading malware via email.

Displaying file extensions doesn't offer 100% protection, but it does eliminate the element of surprise. A file ending in ".exe" when you're being told it's an invoice is an immediate red flag.

IT services technician who restores a client's infrastructure after an incident

3. Display extensions in 3 clicks

The fastest method is directly through File Explorer. This works on any Windows 11 computer, at home or in the office.

  • OpenFile Explorer (the folder icon in the taskbar, or the Windows key + E).
  • In the top bar, click on Show.
  • Hover over Show in the dropdown menu, then check File name extensions.

It's immediate: all your files now display their full extension. The setting is global, so it applies to all your windows and remains active after a restart. To disable it later, simply follow the same steps and uncheck the box.

4. The alternative method: Explorer Options

If you manage multiple workstations or prefer the old settings window, there is a second way that also works on Windows 10.

  • In Explorer, click the three dots in the toolbar, and then click Options.
  • Go to the Display.
  • In the advanced settings list, uncheck "Hide extensions for known file types".
  • Click Apply, then click OK.

This window is useful in a business environment, as the same panel also allows you to display hidden files and system folders. Microsoft documents all of these display settings, which is helpful if you want to standardize the configuration across all your team's workstations.

5. Recognizing a malicious file by its extensions

Once the file extensions are visible, make it a habit to check the end of the name before opening anything that arrives via email, USB drive, or download. Here are the warning signs that should make you hesitate:

  • A double extension like ".pdf.exe", ".docx.scr" or ".jpg.bat". No legitimate document works like that.
  • An executable extension (.exe, .msi, .bat, .cmd, .scr, .js) attached to an email that claims to be an invoice, delivery note, or payment notice.
  • A compressed file (.zip, .rar) which, once opened, contains an executable instead of the promised document.

When in doubt, don't double-click. Delete the email or have the file reviewed by your IT team. If your SME wants to reinforce these kinds of habits and filter out dangerous attachments before they even reach your inboxes, our managed IT services cover email protection and employee training. This simple practice perfectly complements the Canadian Centre for Cyber ​​Security's advice on phishing and malware.

OKTO Solutions' IT team securing a client's workstations in Mauricie

6. Best practices for your SME

Displaying file extensions is an excellent starting point, but it's a step that needs to be integrated into a broader routine to truly reduce risks on your workstations:

  • Standardize the setting across all company computers, ideally via group policy or your remote management tool.
  • Train your staff to check the extension before opening an attachment, especially for departments that receive a lot of invoices.
  • Keep your antivirus software up to date and use email filtering to block dangerous files upstream.
  • Keep recent and tested backups ; it's your best insurance if malware does get through anyway.

In Trois-Rivières, as elsewhere in the Mauricie region, most incidents seen among SMEs begin with a simple click on the wrong file. Proper configuration and good reflexes nip most of these attacks in the bud.

Frequently Asked Questions

How do I view a file extension in Windows 11?

Open File Explorer, click "View" in the top bar, then click "View" again and check "File name extensions". All your extensions will then become visible across all your folders.

Is it risky to display file extensions?

No, on the contrary. Displaying file extensions doesn't modify any files and doesn't weaken your system in any way. It's even recommended for security, because it helps you spot executable files disguised as documents.

Why does Windows hide extensions by default?

Microsoft hides them to simplify the display for the general public. The downside is that this setting makes it easier for hackers to disguise programs as fake PDFs or images. Therefore, displaying them is a good idea.

Secure your workstations with an IT partner in Mauricie

Displaying file extensions takes ten seconds, but truly protecting an SME requires a comprehensive approach: workstation configuration, email filtering, backups, and training. If you want to set all this up without the hassle, explore our IT services for SMEs or contact our team in Trois-Rivières. We'll take care of securing your devices so your employees can work with peace of mind.