ITM is an open framework - Submit your contributions now.

Infringement

Account Sharing

Service Account Sharing

Data Loss

Denial of Service

Disruption of Business Operations

Excessive Personal Use

Exfiltration via Email

Exfiltration via Media Capture

Exfiltration via Messaging Applications

Exfiltration via Other Network Medium

Exfiltration via Physical Medium

Exfiltration via Screen Sharing

Exfiltration via Web Service

Harassment and Discrimination

Inappropriate Web Browsing

Installing Malicious Software

Installing Unapproved Software

Misappropriation of Funds

Non-Corporate Device

Providing Access to a Unauthorized Third Party

Public Statements Resulting in Brand Damage

Regulatory Non-Compliance

Sharing on AI Chatbot Platforms

Theft

Unauthorized Changes to IT Systems

Unauthorized Printing of Documents

Unauthorized VPN Client

Unlawfully Accessing Copyrighted Material

ID: IF010
Created: 01st June 2024
Updated: 16th January 2026
Platforms: WindowsLinuxMacOS
Contributor: The ITM Team

Exfiltration via Email

A subject uses electronic mail to exfiltrate data. This can be achieved through including data in the email subject line or body, or utilizing email attachments to send files.

Subsections (2)

ID	Name	Description
IF010.001	Exfiltration via Corporate Email	A subject exfiltrates information using their corporate-issued mailbox, either via software or webmail. They will access the conversation at a later date to retrieve information on a different system.
IF010.002	Exfiltration via Personal Email	A subject exfiltrates information using a mailbox they own or have access to, either via software or webmail. They will access the conversation at a later date to retrieve information on a different system.

Preventions (1)

Detections (10)