Why Email Attachments Are the #1 Cause of Breached Confidentiality
Every forwarded attachment is a lost audit trail. We look at why email is the weakest link in document security, and what to replace it with.
Here's a confronting statistic: more than 60% of confidential document breaches in Australian professional services firms start with an email attachment. Not sophisticated hackers, not insider threats — just an advisor, accountant, or lawyer hitting "attach" on a PDF.
Why email is the weak link
Email was designed in the 1970s for academic researchers sharing text. Every feature we've added since — attachments, HTML rendering, auto-forwarding — has compounded the security problem rather than fixing it. A single attached document creates at least four copies: your sent folder, the recipient's inbox, any server it traverses, and whatever device they opened it on. Once it's in their inbox, you have zero visibility and zero control.
The forwarding problem
The real risk isn't interception in transit (TLS covers that for modern mail servers). It's what happens after delivery. Your recipient forwards the email to a colleague for a second opinion. That colleague forwards it to their phone to read later. That phone syncs to a home computer. A week later, someone's junior assistant is copying the PDF to their personal Dropbox to work on the weekend. You, the sender, have no idea any of this has happened.
Password-protected PDFs don't help
The standard response is "I'll just password-protect the PDF and send the password separately." Two problems with this. First, PDF passwords are trivial to strip — there are free online tools that do it in under a minute. Second, the password usually ends up in a follow-up email or a text message, so you're still relying on transport security for the one thing you wanted to protect.
What works
The fix is to send a link instead of a file. The link takes the recipient to a controlled environment where you can verify their identity (email code), require NDA acceptance, apply a watermark, track their activity, and revoke access whenever you want. If they need to forward it, you can invite the second person directly and still see what they're doing. The audit trail belongs to you, not to whatever copy is sitting in someone's Outlook archive.
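A minimal model of the link-based flow described above, written as an added example (it is not code from this article or from any product). The `ShareLink` class, its method names, and the event labels are hypothetical, and the one-time code is returned to the caller only so the example runs offline.

```python
import hashlib, hmac, secrets, time

class ShareLink:
    """A revocable, audited link to one document (hypothetical model)."""

    def __init__(self, doc_id, recipients):
        self.doc_id = doc_id
        self.token = secrets.token_urlsafe(32)   # unguessable link identifier
        self.recipients = {r.lower() for r in recipients}
        self.revoked = False
        self._codes = {}                         # email -> (code digest, expiry)
        self.audit = []                          # (time, email, event), kept by the sender

    def _log(self, email, event):
        self.audit.append((time.time(), email, event))

    def invite(self, email):
        """Add a second reader directly instead of letting the file be forwarded."""
        self.recipients.add(email.lower())
        self._log(email.lower(), "invited")

    def revoke(self):
        self.revoked = True
        self._log("-", "revoked")

    def request_code(self, email, ttl=600):
        """Issue a one-time code; a real service would email it, not return it."""
        email = email.lower()
        if self.revoked or email not in self.recipients:
            return self._log(email, "code_denied")
        code = f"{secrets.randbelow(10**6):06d}"
        digest = hashlib.sha256(code.encode()).hexdigest()
        self._codes[email] = (digest, time.time() + ttl)
        self._log(email, "code_sent")
        return code

    def open(self, email, code, nda_accepted):
        """Re-authorise every view; return watermarked content or None."""
        email = email.lower()
        if self.revoked:
            return self._log(email, "denied_revoked")
        digest, expiry = self._codes.pop(email, ("", 0))   # codes are single use
        given = hashlib.sha256(str(code).encode()).hexdigest()
        if not hmac.compare_digest(digest, given) or time.time() > expiry:
            return self._log(email, "denied_bad_code")
        if not nda_accepted:
            return self._log(email, "denied_no_nda")
        self._log(email, "viewed")
        return f"{self.doc_id} [watermarked for {email}]"
```

Because every view passes through `open`, a link forwarded to someone who was never invited produces a `code_denied` entry in the sender's audit trail rather than a silent copy.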
The rule of thumb
If the document is routine (meeting notes, agenda, marketing deck), email is fine. If the document is something you'd be uncomfortable seeing in a news article, it needs a better channel than email.