There are increasing risks associated with using free online file conversion services online, which could expose users to cyber threats, research shows.

These websites offer fast and free conversion, e.g. *.pdf files to *.doc or *.heic images to *.jpg format, according to Kaspersky experts.

Individuals and companies that frequently convert files tend to use these tools in a hurry and may overlook certain risks associated with these “free” tools.

Software is available for computers and mobile phones that can perform the conversion, but often requires a subscription that many users are not willing to pay.

Potential risks for individuals and corporate users are most common in the area of ​​data privacy, since when files are uploaded, all information contained in that file is available to the service provider.

Also, many free tools do not specify how long they retain uploaded files, which can lead to misuse. Companies in regulated fields (e.g. healthcare, finance) can break the law by uploading sensitive files to unauthorized third-party platforms.

This can lead, as noted, to high fines and reputational damage, and if a service provider is hacked, files stored on their servers can be leaked and confidential information can be compromised. Experts also warn of malware and phishing threats.

Some dubious platforms may modify files or insert malicious code into the output file, such as embedded scripts in PDF documents or image metadata.

Some fake file conversion websites are designed to steal sensitive information, such as user login details, especially in cases where registration or subscription is required.

MITM attacks are present when attackers can intercept files if the tool uses insecure communication protocols or if the website itself is compromised.