NB: If you've received a WeTransfer link that doesn't seem genuine, please have a look at our article on phishing attempts, here.
Behind the scenes, we are working hard to actively block and prevent spammers from misusing our platform to send malicious files. For this reason, we have implemented a number of security measures to our service. These include the need to verify your transfer before it's delivered with the use of a verification code which is sent exclusively to your email inbox. Without it, your transfer cannot be sent.
As an additional security layer, Ultimate, Teams, and Enterprise users benefit from automatic malware scanning on their downloads. If you are subscribed to any of these plans, every time you open a WeTransfer link, the content will be scanned against millions of known malicious files. Look for the banner in the picture to make sure that your transfer has been scanned and found free of known malware.
While we do our best to keep our technology up to the highest standards, please remember that no malware technology tool is bulletproof and you should always use caution and good judgement. If you believe you have received spam files in a transfer, here are some items to double-check before downloading your files:
-
Rule number 1: are you expecting a transfer, or has this landed in your inbox out of nowhere? If the transfer is unexpected, proceed with caution.
-
You have no idea who the sender is. Seriously - who is that?
-
You recognise the sender but the address is different or you weren't expecting to receive files from them. Always check with your known contact first!
-
The files being transferred are suspiciously small. Often not bigger than a couple hundred KB. This small little file could have quite a large and nasty surprise hidden within it.
-
Is the file name in the email referring to an invoice or payment? Or asking you to download a “proposal”? Or anything suspicious of the sort involving money?
-
The message field contains a URL that leads you away from your inbox and away from our homepage to a completely different URL address with your email address at the end of the link. Don't open that page.
-
The files being transferred are .jpg, .scr, .exe, .doc, .html files, designed to look like a harmless JPG file but actually contains more malicious content.
The golden rule to follow however is trusting your instincts and always check if you know the sender. If you do know the sender, and you are still unsure about the files, reach out to them before you download anything. Or contact us, so we can check the safety of the transfer for you.
You can use the Report this transfer button as seen in the image below.
Or you can reach out to our Support team here.