WeTransfer wordmark
WeTransfer wordmark
  • Home
  • About us
  • English English Français Español Italiano Nederlands Deutsch
  • Contact Support
WeTransfer We Logo Help Center
  • About us
  • English English Français Español Italiano Nederlands Deutsch
  • Contact Support
  1. WeTransfer Support
  2. Security/Privacy
  3. How we keep you safe

How to recognise malicious files which are spam

NB: If you've received a WeTransfer link that doesn't seem genuine, please have a look at our article on phishing attempts, here.

Behind the scenes, we are working hard to actively block and prevent spammers from misusing our platform to send malicious files. For this reason, we have implemented a number of security measures to our service. These include the need to verify your transfer before it's delivered with the use of a verification code which is sent exclusively to your email inbox. Without it, your transfer cannot be sent.

If you happen to accidentally download the file, and it's a PDF or Word document, it may ask you to enable prompts. By doing so you might give these spammers access to your data. So, please, don't enter your personal data such as email passwords.

If you believe you have received spam files in a transfer, here are some items to double check before downloading your files:

  • Rule number 1: are you expecting a transfer, or has this landed in your inbox out of nowhere? If the transfer is unexpected, proceed with caution.

  • You have no idea who the sender is. Seriously - who is that?

  • You recognise the sender but the address is different or you weren't expecting to receive files from them. Always check with your known contact first!

  • The files being transferred are suspiciously small. Often not bigger than a couple hundred KB. This small little file could have quite a large and nasty surprise hidden within it.

  • Is the file name in the email referring to an invoice or payment? Or asking you to download a “proposal”? Or anything suspicious of the sort involving money?

  • The message field contains a URL that leads you away from your inbox and away from our homepage to a completely different URL address with your email address at the end of the link. Don't open that page.

  • The files being transferred are .jpg, .scr, .exe, .doc, .html files, designed to look like a harmless JPG file but actually contains more malicious content. 

The golden rule to follow however is trusting your instincts and always check if you know the sender. If you do know the sender, and you are still unsure about the files, reach out to them before you download anything. Or contact us, so we can check the safety of the transfer for you. 

You can reach out to our Support team here. 

Navid
Updated September 17, 2021 13:00

Contact Support

Beautifully obvious tools to keep your ideas moving.


  • WeTransfer,
  • Collect,
  • Paper,
  • Paste
  • and

  • WePresent.
  • About
  • Terms
  • Blog
  • Jobs
  • Newsroom