If you absolutely must check a suspicious file, never open it on your main system. Security pros use:

Attackers use names like "HolidaySnaps," "Invoice_Overdue," or "Salary_Review" because they trigger an immediate emotional response. You see a file that looks personal or urgent.

Files named like Photo1.jpg.exe . If your computer hides file extensions (a common default setting), it just looks like a photo, but it's actually an executable program.

A .rar file full of high-quality vacation photos should be hundreds of megabytes. If the file is tiny (under 1MB), it’s almost certainly a script, not photos.

If you were to unarchive a malicious "HolidaySnaps.rar," you wouldn't find .jpg files. Instead, you'd likely find:

An online tool where you can upload the file (or the link to it) to be scanned by 70+ different antivirus engines simultaneously.