Computer files have specific characteristics depending on the program that was used to create them. File extensions are a way of labelling the names of files so you and your computer can keep track of what they contain.
File extensions are a way of letting the user and their computer know what type of program created any given file.
Computer files have specific characteristics which depend on the software that created them. If you try to open a file using the wrong program, it will fail to open or sometimes even crash the program. The last part of the file name is used to indicate the type of file so the computer can open the correct program when you want to use the file.
In the early days of the personal computer, file names consisted of up to seven characters followed by a file extension consisting of a full stop and three characters. But since 1995, file names can be much longer and the main part of the name can include full stops. So now the last full stop in the name is considered to mark the start of the file extension.
Why a file extension is useful
A file extension is useful in two ways. It helps you identify the type of document. So, for example, a file with an extension of .jpg is a photo and a file extension of .exe tells you it's a program. A file extension also allows your computer to run the correct program automatically when you double-click on the file name. This is very convenient, but it does mean that your computer could be compromised by malicious files.
By default, Windows hides file extensions from the user. For example, a photo named 'HolidaySnap.jpg' will appear in My Documents or Windows Explorer as 'HolidaySnap' without the .jpg extension.
Once long file names capable of including multiple full stops became standard, attackers soon found they could use hidden file extensions to fool users into running malicious programs.
You might get an email with a file attachment that looks like 'FunPhoto.jpg'. But in reality it would be a file called 'FunPhoto.jpg.exe' - not a photo at all, but a malicious program. The .exe extension wouldn't be displayed, and as you would probably be unfamiliar with file extensions (because Windows hides them), you might not notice anything unusual and be persuaded to double-click on the file, thinking it was a photo. The malicious program would run, compromising the computer. Such attacks are still very common.
Keeping your file extensions secure
There's a way to protect yourself from these kinds of attacks - you can turn on the display of file extensions. In the 'Folder Options' menu of any folder, select 'View' and uncheck the line labelled 'Hide extensions for known file types'. File extensions will thereafter be displayed in full. Then you can see what the file really is before deciding whether to open it.
The computer will still blindly use the real file extension to open the file, so you can still be caught out by double-clicking on a malicious file - but you will at least have enough information to decide whether the file is obviously unsafe to open. It pays to have all the information, but it's essential to be vigilant as well.