Dual extension is a file-naming technique often used in cyberattacks to disguise malicious executable files as harmless documents or images. This trick involves naming a file with two extensions, such as 'invoice.pdf.exe.' Since some operating systems or email clients may only display the first extension (e.g., '.pdf'), users might believe the file is safe to open. However, the actual extension (e.g., '.exe') determines the file type and behavior. When the user opens the file, it executes the malicious code, potentially infecting the system. Dual extension attacks exploit user trust and system settings to bypass basic security awareness and protections.