WeTransfer is a convenient way to send and receive files that are too large to be sent by email. But is it safe and secure enough to send sensitive documents and photos? We break down the risks and when you should use it.
Jump to…
What is WeTransfer?
Is WeTransfer secure?
WeTransfer limits
Should you send files via WeTransfer?
WeTransfer scams
WeTransfer alternatives
What is WeTransfer?
WeTransfer is a cloud-based file transfer service that allows users to send and receive large files over the internet. The files might be too large to be easily sent by email, or the sender might simply want to avoid taking up space in their email account.
The sender just has to go to WeTransfer’s website or app and upload files to WeTransfer’s servers. The recipient receives a link to download the files, either sent by WeTransfer via email or by the sender directly. The files are stored by WeTransfer for a fixed duration, when the recipient is able to download them.
Is WeTransfer secure?
Yes, WeTransfer has strong safeguards overall, but if confidentiality is paramount for your files, there are a few things to know before you hit “transfer.”
You might be sending a set of photos in full resolution and not worry too much about someone stealing them. But if it’s sensitive material you’re sending, such as legal documents or evidence of wrong-doing by a government or company, you’ll want to ensure that the file service you’re using has protections in place to prevent interception. Here’s what you should know about WeTransfer security.
WeTransfer encryption
According to WeTransfer, files are encrypted when they are being transferred using TLS, and they are encrypted when they are stored using AES-256. These encryption standards are strong, preventing anyone unauthorized from reading your files.
This raises the question of who is authorized. The files can only be accessed using the unique link sent to the sender and recipient. The risk is that a third party could find out the link. You could have sent it to someone unintentionally. Or a hacker with determination could attempt to intercept your online traffic to get the link. This is why you should only share WeTransfer links to sensitive files using end-to-end-encrypted methods and over secure connections (not over unsecured public Wi-Fi).
WeTransfer authentication
WeTransfer offers two-factor authentication, which makes it very hard for someone to try to access your account. Even if they find out your password, they would still need a one-time code generated by an authenticator app on your phone to get in. But you can only benefit from this feature if you choose to use it—which you definitely should!
When it comes to the file transfers, for the free tier, anyone can access the files via a link. For the paid tiers, a password can be placed on files, preventing an unauthorized person from downloading it if they manage to get the link. It’s important to only share such passwords in a secure manner, like over end-to-end encrypted communication methods.
Malware sent via WeTransfer
Attackers have taken to WeTransfer to send malicious or illegal content. This could include files containing phishing links or malware files that could lead to a takeover of a device. WeTransfer has tackled this problem by partnering with Microsoft, which has the ability to identify hosting sources for attacks used against its own Microsoft 365 customers. Using this data, Microsoft analyzes the metadata of WeTransfer files to identify problematic ones.
According to WeTransfer, this method has lowered the incidence of malicious transfers. For users, this means greater assurances that a file you’ve received is not malicious—but we would still advise not to download any file you aren’t expecting. Verify the sender and find out what the file is before downloading.
Can WeTransfer share your files with governments?
Since WeTransfer stores your files for a time period, it’s important to understand what risks come with that storage. WeTransfer is based in Amsterdam, so it follows the relatively strong EU laws surrounding data protection. But non-EU user data lands in U.S. servers by default, and it is bound by the Patriot Act to submit user information and files if compelled by government agencies.
WeTransfer limits
There are three tiers of WeTransfer accounts, each offering different limits on file sizes that you can send.
Free | Pro | Premium | |
File size per transfer | 2GB | 200GB | Unlimited |
Storage | None | 1TB | Unlimited |
Price | $0 | $10/month (for annual plan) | $19/month (for annual plan) |
Should you send files via WeTransfer?
Yes, under most circumstances, it is safe enough to send files via WeTransfer. The files you send will be encrypted, preventing hackers from accessing them. If your files aren’t sensitive, WeTransfer offers a convenient, free way to send them without taking up space in your email.
If your files are sensitive, it would be safer to use a paid tier of WeTransfer so that you can password protect the download link. Without a password, anyone who receives the link would be able to download the file.
However, using WeTransfer as a middle man inevitably introduces greater risk than sending files to someone directly, as the company’s servers could suffer a breach, or the company could erroneously send your files to the wrong person, as has happened before. That said, sending files directly (say, via email or WhatsApp) is not always possible or practical due to file size or the sheer number of files.
WeTransfer scams
If you receive a WeTransfer email notifying that someone has sent you a file, be wary of possible scams. WeTransfer-related scams can either take the form of someone sending you a fraudulent notification email that looks like it’s from WeTransfer, or someone sending a malicious file through WeTransfer.
- Fake WeTransfer notifications. Scammers may send emails posing as WeTransfer notifications, tricking recipients into clicking on malicious links or downloading harmful attachments. These emails often imitate the appearance of genuine WeTransfer notifications and may request personal information or prompt the installation of malware.
- Real notification, malicious downloads. Scammers may create WeTransfer accounts or use compromised WeTransfer accounts to send phishing emails or distribute malware. These emails may appear to come from a known contact or a trusted source, increasing the likelihood of the recipient falling victim to the scam.
WeTransfer alternatives
There are several alternative file transfer services available that offer similar functionalities to WeTransfer. Here are some popular ones:
- Dropbox, a cloud storage and file sharing service, allows users to upload and share files with others by generating shareable links. Dropbox offers both free and paid plans with varying storage capacities.
- Google Drive provides file hosting, sharing, and synchronization. It integrates seamlessly with other Google services and offers generous free storage options, as well as paid plans for additional storage.
- OneDrive is Microsoft’s cloud storage and file sharing service. It enables users to store files and share them with others, and it integrates well with Microsoft Office applications.
- Filemail allows users to send large files. It offers features such as encryption, customizable branding (so the transfer notification email has your logo), and the ability to track file downloads.
- TransferNow is a user-friendly file transfer service that enables users to send large files up to 5 GB without the need for registration. This free tier also allows for password protection for transfers.
- pCloud Transfer is a file transfer service that prides itself on being Swiss-based, meaning it has stronger data protections than most competitors.
FAQ: About using WeTransfer
Is WeTransfer free?
Yes, WeTransfer offers both free and paid options. The free version of WeTransfer allows users to send files up to 2GB per transfer, with a seven-day storage period. The free version may include advertisements. The paid tiers offer larger file transfers, longer storage periods, and more features overall.
How to use WeTransfer?
Follow these steps to send files using WeTransfer:
- Head to wetransfer.com (or use the app).
- Click on Upload files, and select the file you want to send.
- To send a transfer via email, input the recipient’s email and your email. It’s optional to input an email title and a short message to the recipient.
- Hit Transfer. Alternatively, you may get a transfer link by selecting the three dots and sending it to the recipient directly. In this case, you only need to enter the recipient’s email.
- The recipient just needs to click on the link and download the files.
Can I use WeTransfer anonymously?
It is possible to send and receive files with anonymity using WeTransfer. You do not need to set up an account to use the WeTransfer free services, which allow for transfers of up to 2GB. If you want to send something while hiding your identity, you may input the recipient’s email and generate a download link, then send that link with anonymity by using an anonymous email service, or a burner email address. The same can be said for receiving WeTransfer files; provide the sender with an anonymous or burner email to increase your anonymity.
Turn on your VPN for added anonymity. A VPN gives you a different IP address and helps to prevent metadata tracking, which can used to link back to you.
Privacy should be a choice. Choose ExpressVPN.
30-day money-back guarantee
Comments
How to get a virtual number