Skip to main content
Please enter a legal issue and/or a location
Begin typing to search, use arrow keys to navigate, use enter to select

Find a Lawyer

More Options

Don’t Click on That Picture! It May Contain Malware

By Admin on July 24, 2014 | Last updated on March 21, 2019

Most Internet users are well aware that suspicious links and fishy-sounding emails may actually be attempts to gain access to your personal information or infect your computer with a virus.

But what a lot of Internet users don't know is that even something as simple as an image on your computer screen could contain malware. These programs, when downloaded to your computer, can potentially be used to steal sensitive information, leading to identity theft or at the very least compromised computer security.

How does this image-based malware work?

Steganography Made Simple

The most recent cases of images containing malware used a process called steganography, which hides a message or file inside another file, such as an image.

In a recent string of computer infections, seemingly harmless images of cats and beautiful sunsets, usually sent via email, contained malware which was downloaded onto the users' computers as a JPEG file when the users clicked on the images. This made the file appear to be just another image, perhaps one that may have gotten saved in the wrong place.

But hidden inside this JPEG file, reports digital photography site PetaPixel, was malware. The malware in these images was programmed to bypass security systems on users' computers and steal log-in information entered online, such as the usernames and passwords for online banking websites.

Watch for Double Extensions

Another possible way for image-based malware to infect Windows computers is through the use of double extensions.

According to PCWorld, this method takes advantage of Windows' file-naming conventions by adding two extensions -- the letters that identify the format of a file -- to the end of a file, such as "picture.jpg.exe."

While most Windows computers will display the file as an image using the .jpg extension, it's actually an .exe file, which denotes an "executable program." This means that as you're viewing the image, a malware program is being downloaded onto your computer and likely attempting to mine your sensitive personal data or take control of your computer.

How to Prevent Being Infected by Image-based Malware

Luckily, there are some simple steps you can take to prevent being duped by these dangerous images:

  • Don't click on images in suspicious e-mails. Just like links, you should consider any image in a suspicious email a direct digital doorway to infection.
  • Keep your software up to date. Computer companies and software makers are constantly upgrading their products to protect against new threats. Keeping up with these updates will keep you from getting left behind and potentially exposed to dangerous malware and viruses.
  • Change your settings and pay attention to file extensions. If you are on a Windows computer, change your default setting to show you the extensions of files that are being downloaded, to protect against the double extension trick. Any time you see a file ending in .exe, be especially cautious.

Regardless what operating system you use, be aware of the types of files you should and shouldn't download. One picture could be worth a lot more than 1,000 words to an identity thief.

Related Resources:

You Don’t Have To Solve This on Your Own – Get a Lawyer’s Help

Meeting with a lawyer can help you understand your options and how to best protect your rights. Visit our attorney directory to find a lawyer near you who can help.

Or contact an attorney near you:
Copied to clipboard