Fact Check: Are email attachments not secure?

Email window prototype with a document with a slash through it
Justin Neiman
February 2, 2021

Anyone emailing any a file that has sensitive data, should rethink their actions. Tossing a file in an email even if it is small and going to a friend or college is incredibly easy, but extremely unsecure. To put it bluntly, if your not okay with someone you don't know getting the information, remove the attachment.

Email wasn't created to be secure.

Don’t send your sensitive documents over email. It may seem private, but even if you’re using an email account that uploads attachments over a more secure HTTPS connection, like Gmail, you have no control over your recipient’s server, and they may download your attachment from an unencrypted HTTP connection. Now say they did that from a public Wi-Fi network. Things just got very unsecure.


The data spreads when you email it, now it's out of your control. Sending an email from google to someone with a yahoo address. Now your file and the data within it is on both google and yahoo servers. What if either of those companies has a data breach? Or if one of the devices that has access to the email is stolen or lost? That data can now be exposed.

Once you attach a file to an email and hit send, the data is bundled up and sent over the wonderful World Wide Web. There are some not so great people in the world looking to get your information and abuse or even sell it. Malicious users can intercept email data and intercept it while it's being sent from your email provider to the recipient's email provider.

There are ways to encrypt the files and send it in an email. But if you are doing it quite often or in a business solution Zapa Client Portals might be a good solution to look into. This keeps your files secure at all times and was developed to keep your data safe.