Every time a webmail service scans your attachments "for security," your documents travel to external servers to be analyzed. Local analysis offers the same protection without compromising your privacy.
Compressed files are a convenient way to send multiple documents in a single attachment. But they're also an attacker's favorite hiding spot for evading security filters and delivering malicious executables straight to your inbox.
"Enable Content" is the most dangerous button in Microsoft Office. Behind that innocent prompt can hide a malicious macro that runs with your user permissions and can fully compromise your computer.
An email says "Click here to view your invoice" and the text shows www.yourbank.com, but clicking it takes you to a completely different site. This is the principle behind masked links, one of the most common and hardest-to-detect phishing techniques.
Receiving a file called invoice.pdf.exe should set off every alarm. The double extension technique is one of the oldest and most effective tricks attackers use to disguise executable files as harmless documents.