To bring any disciplinary for this, they'd have to prove beyond doubt that you did it. You could easily claim it was sent by email and you simply deleted them as soon as you saw them. You could claim that someone else used that PC. I work in the defence sector and even on our network I could plant files on someone else's PC. I could even edit the created and modified date to say it was done on a day that I wasn't even at work. Hell I could change the name of the person that created/edited the file to the MD of the company if I wanted to. I once changed someone's desktop background to a giant photo of Big Bird and remotely flipped someone's screen upside down. Don't accept anything and let them try to prove beyond doubt that it was you, because i'm telling you they can't. Anything is possible with 95% of commercial IT infrastructures and even the IT dept won't know all the hacks and backdoors in their own systems. That's why big companies pay people like my closest friends to actively hack their networks to help them increase security.