File extensions can be faked – that file with an
.mp3 extension may
actually be an
executable program. Hackers can fake
file extensions by
abusing a special
Unicode character, forcing text to be displayed in
reverse order.
Unicode SKULL AND CROSSBONES – The Still Life (Photo credit: schoschie)
Windows also hides file extensions by default, which is another way
novice users can be deceived – a file with a name like picture.jpg.exe
will appear as a harmless
JPEG image file.
Read More
http://www.howtogeek.com/127154/how-hackers-can-disguise-malicious-programs-with-fake-file-extensions/