To change the default setting you should open Windows Explorer. At the top of the Windows Explorer window you need to click on Tools --> Folder Options (Folder Options may be listed under View in older versions of Windows). Click on the View tab and then uncheck the box labeled “hide extensions for known file types” and click OK at the bottom.
Another security precaution you should take is to disable active scripting. This relates primarily to the Windows environment, but you can check the configuration of web browsing software on other platforms as well.
Active scripting allows web pages and HTML based documents and email to run scripts and applets that execute programs. This can be used to generate dynamic content rather than simply displaying a static page and can provide you with a richer web-surfing experience.
There are many useful benefits to active scripting- both productive and some just for pure entertainment. However, allowing active scripting to run unchecked gives cyberpunks an open license to execute malicious code on your system. It may be an applet that executes when you visit a web site or a script that runs when you open an HTML-based email message. Either way it can be used to install a virus or Trojan or any other malicious code that the attacker chooses.
Because some web sites aren’t even functional without active scripting you don’t want to necessarily disable it altogether. You do want to control which sites can execute it and which can’t though. Internet Explorer uses Security Zones to assign different privileges to different web sites. You can configure settings for Trusted, Internet, Intranet and Restricted Sites (see How to Configure IE Security). Once you have the zones configured like you want them you can add web sites to the zones as needed- adding sites that you trust and that may require active scripting to run to your Trusted Sites zone.