PDF Word Excel
← Back to Blog

Sharing Files Safely: PDFs, Photos, and the Mistakes That Cause Leaks

By Vinay Kumar

When companies suffer a data leak, the news usually says "hacked." Often the truth is more boring: someone shared a file with the wrong person, or with permissions set too loosely, or with sensitive content that should have been removed first.

The same applies to personal sharing. The dangers are smaller in scale but the patterns are identical.

Mistake 1: Sharing the whole file when only part is needed

The most common mistake. You receive a request for one page, you send the whole document. The reader now has access to everything else inside it.

Habit fix: before clicking send, ask, "does the recipient need everything in this file?" If not, trim it down. Use a delete-pages tool to remove what isn't needed. Save as a new file. Send that.

Mistake 2: Forgetting about metadata

Word documents, PDFs, and even photos carry hidden information. Author name, company name, GPS location of where the photo was taken, original file path on your computer, comments and revisions.

Before sharing a file outside your trusted circle, strip the metadata. Most tools have an "inspect document" or "remove personal information" option. For photos, turn off location data when sharing on social media.

Mistake 3: Public cloud links that anyone can access

Sharing a Google Drive or Dropbox link is convenient. But the default "anyone with the link can view" setting means that link, if it ever ends up in someone else's hands — forwarded by mistake, posted somewhere, indexed by a search engine — gives total access.

For sensitive documents, share to specific email addresses, not via a public link. Set an expiry date if your service supports it. Revoke access once the recipient has downloaded what they need.

Mistake 4: Sharing the editable version when read-only would do

If you only want someone to read a document, send a PDF, not a Word file. If you only want them to view a photo, send a watermarked or lower-resolution version, not the original. Editable formats can be modified, repurposed, or repackaged in ways you might not anticipate.

Mistake 5: Forgetting to protect highly sensitive files

For anything truly sensitive — bank statements, medical records, legal contracts — encrypt the file and share the password through a separate channel. Email the file, send the password on WhatsApp or Signal. Even if the email account is breached, the file is useless without the password.

Mistake 6: Not considering screenshots

Anyone you share a file with can take a screenshot, no matter how clever your sharing controls. Restricting access prevents bulk leaks but doesn't prevent a determined recipient. Be thoughtful about what you share with whom in the first place.

A small mental check before you click send

If this file ended up on the front page of tomorrow's newspaper, would I be embarrassed? Would anyone in the file be harmed? If yes to either, slow down and re-check what's inside, who you're sending it to, and how.

Most leaks aren't dramatic hacks. They're small habits, repeated over years. Better small habits make safer sharing.