The best advice concerning email attachments I could ever give is to simply never open them. But that’s unreasonable considering so many people trade files in email these days, be it documents, video clips or the like.

There are certain file types I absolutely will not open, or will use an alternative method to open them with.

And here they are:

.EXE

Fortunately, most email servers outright ban the use of sending .EXE files and I think that’s a good judgment. This is an executable file in Windows. You have no idea what it will do. And it may not be something your anti-virus/spyware/malware scanner can detect. You never know.

On the extreme rare occasion I get one of these, I will only open it in a virtual machine environment. And if it blows that up, no big deal because I can just kill the session and create another.

.ZIP

When one cannot send an .EXE, they archive it with ZIP and send it that way. Well, it’s just as bad.

.PDF, .DOC, .XLS

DOCs and XLSes can contain anything from simple macro viruses (relatively harmless but just annoys the crap out of you) to full-blown malicious code.

I do not open these locally. Instead I bring them into Google Docs.

Funny, true and somewhat sad story:

Years ago at a help desk job, the manager walks in and tells us all that there’s a particular applicant (we needed a position filled) who absolutely won’t be getting the job. Why? Because he sent his resume as a Word DOC, and it had a macro virus in it.

See the irony here. The guy was applying for a tech-help position yet sent his resume with a virus in it. Just plain sad.

.WMV, .ASF, .ASX, .MOV

WMV is Windows MediaVideo. ASF is Advanced Systems Format. ASX as Advanced Stream Redirector (yet has an X and I don’t know why, nor do I care). MOV is the Apple Quicktime Movie format.

All of these are video formats. And all routinely contain malware in them. I won’t open any sent to me.

Workaround: If it’s something I have to view, I’ll upload it to YouTube as a private video and watch it that way. Yes, that’s a real long runaround just to watch a vid, but it guarantees no malware code will be launched on my local system.

Is there a safe video format? Yes. MPEG or just MPG. But nobody uses that anymore unfortunately. Not when trading files in email anyway.

File formats I have no problem opening

Any image (BMP, GIF, JPG/JPEG, TIF/TIFF)

To the best of my knowledge there is no malicious code that can be executed from a static image format. With project files (such as Adobe Photoshop projects) I’m not sure.

HTML formatted email

I used to be very anti-HTML when it comes to email but not so much these days. Both local email clients and web-based ones have become "smart" enough not to load images or any other "bad" stuff automatically like they used to.

Audio files (MP3, WAV)

I have never received a virus or been infected with malware from a static audio file.

Unknowns?

If I receive an email with an attachment that has a format I’ve never seen before, I’ll Google it first to see what it is and decide whether to open it or not.

Example: I received a file from a friend once that was a 3G2, and had no clue what that was. I Google’d it and found it was a video file. In particular, 3GP format. When someone sends a video to you from their cell phone, chances are it will be this file type. You can use Quicktime to view it or just upload to YouTube privately to check it out.

Being it was sent to my email from a cell phone, I knew there was no virus or malware within it and it was safe to open.

I recommend this to anyone who receives files where you just don’t know what it is. Google it first and make your call from there.

Are there attachments you absolutely won’t open?

Let us know in the comments.

I, like a lot of you out there, use online banking. If I remember correctly I first started using it in 2003 or 2004. The NetTeller system was what my bank at the time was using. Was it free? Ha! No. I had to pay a fee just to apply for it back then. The bank I was using weaseled $15 out of me even though I was doing them a favor just by using it. Thankfully all modern online banking is free these days.

NetTeller was clunky, very un-user friendly and looked like it had been programmed in 1998, but it did do its job.

To note, only smaller banks usually use NetTeller. It’s billed as a "turnkey cost-effective solution", which translates to "Run a bank? Are you cheap and can’t afford to program your own online banking system? Use us!" Smaller banks will also usually charge fees just to use this type of system for the wad of cash they shelled out just to get it. But I digress.

There are a few things I’ve learned over the years when it comes to banking online. Some I’ve learned the hard way. This will be presented in question and answer style.

Q: Is it better to have the online system mail a standard payment check or for you mail it yourself?

A: Let the bank do it.

First of all, you save the cost of a stamp. Secondly, if the bank mails a check and it doesn’t get there, you can blame the bank and be 100% in the right because they were the ones that were supposed to get it there on time.

To date, I have never had a mailed check from the online banking system not arrive when the system said it was going to.

If you live in an area where the mail system is just outright crappy (which unfortunately happens in some parts in the world), that is even more of a reason to have the bank do the mail-outs for you.

Q: Is it better to have the online system mail out a high-priority payment check or you mail it yourself?

A: This one is the exact opposite, you mail it.

High priority payments should be done by overnight check mail-outs so they can be tracked.

For example, if you were going to send an overnight payment to a credit card company, you call them up, ask for the "priority" or "emergency" physical payment address (because you can’t overnight a check to a PO Box), then do your overnight mail-out that way.

You may ask, "Couldn’t I have just done an electronic payment? That’s supposed to be processed in 24 hours, right?"

Yes, it’s supposed to be. But some companies have become shifty and will delay electronic payment processing by up to seven days, thereby making your payments late. One wonders if this is done on purpose.

When you mail and track it, you have physical proof it got there on time, regardless of when whom you sent the payment to processes it.

With electronic, the receiving system may subject you to delayed payment processing. I would not trust the "processed in 24 hours" claim for a hot minute.

Q: Should you trust electronic drafting?

A: Only if you watch your bank account like a hawk.

Some people have some or all their bills set to have the payment be automatically drafted when the payment is due.

As to what you should trust with electronic drafting, this is dependent on whether or not the monthly amount due is consistent or not.

With credit cards there is little to no consistency due to the ever-changing rates. I strongly advise against having a credit card company auto-draft payments.

With wireless phone plans, these are also inconsistent unless you always stay within your allowed minutes and data allowance per month.

For car payments, yes you could auto-draft because the payment is always the same. There is consistency here.

For mortgages, if it’s fixed-rate, yes you could auto-draft because once again you’ve got consistency from payment to payment.

But as I said in the beginning, auto-drafting serves you best if you watch your bank account like a hawk. You have to confirm that any money taken out was the proper amount for each payment. To me it is worth the slight inconvenience to manually send out payments so I know exactly what’s going out.

Q: Is it safe to go "paperless"?

A: This depends on whether you value physical copies of bank records or not.

All banks encourage their customers to use paperless statements, as in the kind that’s delivered to your email address and nowhere else.

Person A would say, "Yes, that would be more convenient. I get enough postal mail as it is and less mail is better."

Person B would say, "To conduct business with a bank and not have physical paper records of your transactions is foolish."

Person B is correct. You should keep paper records of statements.

Going paperless is safe, but not necessarily smart. Database records can change dynamically. Physical printed paper records cannot.

Final notes

Online banking is something that is best practiced in moderation. I would never tell anybody to conduct 100% of their transactions and other banking activities online because it’s too easy to lose track of where you money is coming and going. There are times when you need to physically mail stuff out and have paper copies of transactions for record keeping. There’s simply no way around that.

Do you trust your bank’s online system?

Has it worked for you? Did it work well or was it awful? What would you tell people to watch out for with online banking? Let us know in the comments.