This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 57.00000000000001%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
A user recently forwarded me an email that seemed to be malicious, typical open fax scam (Subject: OnlineFax Document...). But with the wrinkle that I was unable to inspect the email because it was encrypted as a "message_v2.rpmsg". I was unfamiliar with that attachment so I ran a search in Microsoft Defender 365 for that file type and the only hit was the user sending it to me. I checked Explorer (in MS Defender 365) for the sender and found that the email came in totally diffrent, diffrent text and diffrent attachments (PNG's). I thought this might be a fluke on the users client so I downloaded the message from Explorer and tried to open it on another client and it did the same thing, says something about encryption and has the rpmsg attachment. I even tried opening it in Thunderbird and got the same thing. So I'm very curious why does Explorer show me one thing and it is totally diffrent when I open it with Outlook? If it is encrypted how does explorer know what to show?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 62%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJZ%3C/text%3E%3C/svg%3E)
Hi @Sean Kuchle ,
Which account you use to open the encrypted mails in outlook? Admin account or normal user account?
I have done some research on .RPMSG File Extension, it indicates that the RPMSG file is sent to recipients as an attachment to a normal Outlook message. The message explains it contains protected content, and it includes a link that can be used to open the RPMSG file. Only specified recipients can open RPMSG files. For more details: .RPMSG File Extension
Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
Thank you for the response but I'm not sure the account matters.
What does the message look different in Explorer vs Outlook, can Explorer see into encryption?
Hi @Sean Kuchle ,
You can use explorer to view email's details by giving account specific permissions, in order to check if the issue is related with account, you may need to open the encrypted mail in outlook through the same account with explorer, then you see if the mail show difference between outlook and explorer. If there is no difference between outlook and explorer when you use the same account to check the mail, the issue may be related with account permission.
What does the message look different in Explorer vs Outlook, can Explorer see into encryption?
Sorry for that I haven't seen an article on this yet, and I'll try to look at it again.
Hi @Sean Kuchle ,
Have you checked if the issue is related with account through above suggestion?