How does Lever handle viruses in candidate files?


Lever scans all files when they are uploaded to your Lever instance. This includes files and resumes that:

  • A candidate uploads with their application
  • A user manually uploads to a candidate profile
  • A user attaches to an email template (read our help article on email templates to learn more)
  • A user uploads as an offer letter template (read our help article on offer letter templates to learn more)
  • Sync to the candidate profile from email attachments

When downloading a file from your Lever instance, you will be presented with any findings from our virus scan. Uploaded files likely do not contain viruses, so you will only see a warning in the following scenarios:

Scenario #1: A file contains a virus

When you choose to download a file that is infected with a virus, we will display a warning. Only download this file if you acknowledge the accompanying risk.

File infected with virus warning modal

Scenario #2: A file was not scanned

We are rarely unable to scan a file for any viruses. When this scenario does occur, you will see this warning:

Unable to scan virus warning modal

We suggest that you return back to the candidate profile and try to download the file again. Attempting to download the file again will allow Lever to re-scan the file, which can take a few seconds.

Scenario #3: A non-approved file extension

This warning does not indicate that a file contains a virus, but it does indicate that the filetype has been known to carry malicious code, and warns the user about the heightened risk. You will see this warning if the file you are trying to download is NOT on Lever's approved list.

Approved file extensions:

.ace, .ai, .aif, .aiff, .ams, .art, .asf, .att, .avi, .bmp, .bz, .bz2, .cab, .cal, .cda, .cdr, .cdt, .cdx, .cfb, .cmf, .cmp, .cmv, .cpr, .cwk, .cws, .dcr, .dcx, .dib, .dir, .doc, .docm, .docx, .dot, .dotm, .dotx, .drw, .dsm, .emf, .eps, .fax, .fh3, .fif, .fp, .fp3, .fpx, .frm, .gal, .gem, .gif, .gim, .gix, .gna, .gnx, .gra, .hex, .hqx, .html, .icb, .idd, .iff, .ima, .img, .it, .jbf, .jff, .jif, .jpeg, .jpg, .jtf, .kdc, .kfx, .lbm, .lzh, .m3d, .mac, .mcw, .mdl, .mdn, .med, .met, .mic, .mid, .mmm, .mod, .mov, .mp3, .mpe, .mpg, .mpeg, .mpp, .mtm, .mus, .mvb, .nsa, .obd, .odg, .odp, .ods, .odt, .pages, .pbm, .pcs, .pct, .pcx, .pdf, .pgm, .pic, .png, .pnt, .potm, .potx, .ppam, .ppm, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .pre, .prs, .ps, .psd, .qt, .qtm, .ra, .ram, .ras, .raw, .rm, .rmi, .rtm, .rtf, .s3m, .sdr, .sdt, .sea, .sep, .shg, .shw, .sit, .sldx, .sldm, .snd, .stm, .svx, .tga, .tgz, .tif, .tiff, .ult, .uue, .vda, .voc, .vst, .wav, .wb1, .wb2, .wdb, .wil, .wk1, .wk3, .wk4, .wks, .wmf, .wmv, .wow, .wp, .wpg, .wpw, .wp4, .wp5, .wp6, .wpd, .wps, .wpt, .wq1, .wq2, .wri, .ws1, .ws2, .ws3, .ws4, .ws5, .ws6, .ws7, .wsd, .wvl, .xlam, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xtp, .xy3, .xy4, .xyp, .xyw, .zoo

If the file you are attempting to download is uploaded with a non-approved extension,you will be presented with a warning. Only download a file that does not have an approved extension if you understand the risks.

Was this article helpful?
2 out of 2 found this helpful