Reposted with permission:
Follow this easy-to-use rule: If you receive a message with an attachment, do not open the attachment unless it is from someone you know ***AND*** you are EXPECTING it.
If you need something more complex, consider the following additions.
Rule #1a: If you receive an attachment from someone you know and you're not expecting it, check with the apparent sender before opening it.
Rule #1b: Assume any attachment is deadly until proven otherwise.
Rule #1c: Scan every attachment with an up-to-date antivirus program, but do not assume that the file is safe if the AV program doesn't find anything.
Rule #1d: Make sure that Windows shows you the extensions of all file types and assume that ANY file with a double extension (such as "badfile.txt.scr") is harmful.
[Source: Bill Blinn, Technology Editor, Newsradio 610 WTVN, Columbus, Ohio]
