To think email isn't a secure way to share your passport etc

[nuvverfing]

I have a virtual job interview next week, and the employer has asked me to email them my passport in advance, as well as showing it at the interview. They have referenced this Government guidance for identity checks: www.gov.uk/guidance/coronavirus-covid-19-right-to-work-checks#updated-advice-for-employers-carrying-out-right-to-work-checks-during-coronavirus-covid-19-adjusted-measures

Surely email isn't a secure way to share personal identity docs? I'm surprised the Government is encouraging it. I will do it, as I haven't been offered an alternative, but it feels uncomfortable. Just me?

BTW, when a friend's email got hacked I had an actual conversation back and forth with the hacker who was pretending to be her. They really are that bold.

I got suspicious by the second or third short email as the tone wasn't her.

Couldn't raise her immediately on the phone, so asked the emailer to tell me a personal detail (obscure fact about obscure family member who wouldn't be on Facebook or otherwise known to someone with access to her accounts or devices).

The emailer immediately stopped replying to me.

Turned out her email really had been hacked. She had a bit of hassle sorting it out.

EmmaH2022 I don't use WhatsApp so I'm afraid can't comment on that.

I usually try to send photocopies of passport, etc, by post. I take the point by FarFarFarAndAway that something identifiable as a passport might be targeted by a thief within the Post Office, but an A4 photocopy is indistinguishable from any other letter. The exception might be when dealing with a large organisation where you don't know if the mail is opened by some random far from the recipient or even by an outsourced mail-processing service.

If I were ever forced to send a passport scan by email, I would send it as a password-protected document, as suggested by a PP, and then transmit the password separately NOT BY EMAIL. This will protect the document even at rest.

(I don't know how to set up password-protected docs: I'm still using dupes of the one set up by a friend to email me something sensitive. She works in IT in a secure environment, and this was her preferred method.)

I find it maddening that apparently the passport is so vital a piece of identification that nothing can happen without it, but at the same time so little effort is made to keep this vital information secure!

You can verify a driving licence online with the DVLA, with the licence holder generating a check code, for when you hire a car. Seems we need something similar for passports.

Thank you
i'd just be worried they'd open it with the password and then save it on their system. The paper copy seems so much better.

Unless you have 100% faith in the outfit you are sending the data to (which is impossible for me) then fretting over how you actually get the data to them in the first place seems a little ... illogical.

There are apps specifically designed for sending personal information like this, our solicitor used one when we remortgaged last year and needed to verify our identity. I think it was called credas.

Everything we were told not to do, we're suddenly being asked to do.

YES! This drives me potty.

I was recently dealing with a property maintenance company (part of a large estate agents, so not some one-man-band). Shortly afterwards, I received an email:
– from a company I'd never heard of <RED FLAG>
– instructing me to click on a link <RED FLAG>
– with the subject "Finance", so presumably asking me pay money or at least give my financial data on the link <RED FLAG>

It did mention my address and I was indeed expecting a bill from the maintenance co, so I phoned them to find out if it was connected. Oh yes, they said, we and the estate agent outsource all our payment stuff to this third-party accounting company.

So someone at a financial services company thinks it's smart to send out emails which look exactly like a scam email. If people within the financial field are behaving like this, and training the public to accept such emails as normal, we can hardly be surprised fraudsters are so successful.

Have to agree OP, and I'd have second thoughts about whether or not I'd want to work for such a company. I'd propose calling into their offices and showing it to someone.

I increasingly wonder if the sellers believe it or just find it the easiest way for them to make money. Like many things online!

Wrong thread 🤦🏽‍♀️

I had similar with a text from my credit card company. I called them because I thought it was a scam and it was real!

i think it was total lack of professional standards. That seems rampant now.