do you restrict file uploads?

Question

My security team is worried about allowing customers to send us image files in messenger. Is this a valid concern? Is there a way to get malware through messenger? Is anyone here restricting your file uploads?This is my third company that I've been at that uses intercom, and I've never heard this concern expressed before. So while I don't want to dismiss it, the documentation feels pretty clear about how safe this is. Plus, I need customers to be able to send us screenshots.  Thanks in advance.

Paul Byrne · Accepted Answer

Hey ​@Anthony Miller 2To reassure your security team: Intercom takes file upload security seriously, especially for images and attachments shared through the Messenger. When a customer sends a file (like a screenshot), Intercom scans it for potential threats and stores it securely. We restrict executable file types (like .exe, .bat, etc.) from being uploaded entirely, and known malware types are blocked automatically.Key points to share with your team:Images and common file types (like PNG, JPG, PDF) are allowed, but Intercom blocks potentially dangerous formats.Uploaded files are scanned and served securely via Intercom’s CDN.You can’t run or execute any uploaded file directly from Messengerthey’re just attachments, not active content.There’s no way for a customer to inject or execute malware via image uploads in Messenger.Let me know if you'd like to explore restricting certain file types or setting up a workflow to review incoming files happy to help find the right balance between usability and security!

Join the Intercom Community 🎉

Intercom Customers and Employees

Login to the community

Intercom Customers and Employees

Scanning file for viruses.

This file cannot be downloaded