Infringement

Codebase Integrity Compromise

Data Loss

Delegated Execution via Artificial Intelligence Agents

Denial of Service

Digital Defacement

Disruption of Business Operations

Excessive Personal Use

Exfiltration via Automated Transcription

Exfiltration via Email

Exfiltration via Media Capture

Exfiltration via Messaging Applications

Exfiltration via Other Network Medium

Exfiltration via Physical Medium

Exfiltration via Screen Sharing

Exfiltration via SMS/MMS

Exfiltration via Web Service

External Credential Sharing

Harassment and Discrimination

Inappropriate Web Browsing

Installing Malicious Software

Installing Unapproved Software

Internal Credential Sharing

Service Account Sharing

Misappropriation of Funds

Misuse of Corporate Communication Channels

Non-Corporate Device

Physical Sabotage

Providing Access to a Unauthorized Third Party

Public Statements Resulting in Brand Damage

Regulatory Non-Compliance

Sharing on AI Chatbot Platforms

Theft

Unauthorized Changes to IT Systems

Unauthorized Presence in Restricted Physical Areas

Unauthorized Printing of Documents

Unauthorized VPN Client

Unauthorized Work Location

Unlawfully Accessing Copyrighted Material

ID: IF010
Created: 01st June 2024
Updated: 16th January 2026
Platforms: WindowsLinuxMacOS
Contributor: The ITM Team

Exfiltration via Email

A subject uses electronic mail to exfiltrate data. This can be achieved through including data in the email subject line or body, or utilizing email attachments to send files.

Subsections (2)

ID	Name	Description
IF010.001	Exfiltration via Corporate Email	A subject exfiltrates information using their corporate-issued mailbox, either via software or webmail. They will access the conversation at a later date to retrieve information on a different system.
IF010.002	Exfiltration via Personal Email	A subject exfiltrates information using a mailbox they own or have access to, either via software or webmail. They will access the conversation at a later date to retrieve information on a different system.

Preventions (1)

Detections (10)