Intercom scans all attachments and uploads for conversations and tickets. We check content for malware or suspicious configuration from all channels, and block them to keep your team safe while using our product.

There are certain attachment types that we block in Intercom, since they are known vectors for malware (e.g: executable files), however we also let you trust and block certain attachment types in the Settings > Workspace > Security section of your workspace.

You can view the safety status of the attachments before opening the files. This allows you to safely open files from your customers, and helps you better understand the possible risks before opening them.

Statuses include:

In order to protect you from any danger coming through file uploads from bad actors, we do a detailed mime type check on all files uploaded.

The mime type of the files uploaded is checked and if there is any mismatch between the expected mime type for the file extension and the actual mime type detected, you will be informed about this mismatch.

Default supported file types include:

You can allow other files types by going to Settings > Workspace > Security > Attachment settings. Allowed file types should be accessible straight away.

To allow other file types, enable the toggle for "Allow leads and users to send other file types" and then enter your accepted file types. You must include a period before each extension and separate each file type with a comma, for example .jpg, .png, etc.

Checks are applied for image files as well, and the file will get quarantined if any of the conditions below are satisfied: