Sending personal data, copies of documents and payment information on popular instant messengers like WhatsApp and Telegram can be dangerous. This was told to socialbites.ca by Pavel Korostelev, head of the product promotion department at the Security Code.
When accounts on these messengers are hacked, all the recorded data will be at the disposal of the attackers, who can use it against the victim.
“According to a passport, for example, attackers can take out microcredit because in such organizations there is not much attention paid to who exactly gets the loan. Also, attackers with certain information can retrieve the missing information, such as the TIN, and then use all this in another attack against the user. For example, send a fairly reasonable letter with a false link to payment, where “the Federal Tax Service reports unpaid penalties,” the expert explained.
At the same time, according to Korostelev, scammers do not even need to search for sent documents in chats – they can do this automatically.
“There is software that can ‘play’ files with a certain extension. So if you sent a copy of the passport, for example in PDF format, a properly configured malicious program would be able to automatically find that particular file type,” he said.
Korostelev believes that using instant messengers to send personal data and copies of documents is in principle not worth it. But if there is no other data sharing option, you will have to resort to the help of trusted services.
“Signal, Threema and Wickr have been recognized as such by information security experts based on last year’s results. Experts described WhatsApp as the most insecure,” he added.
If WhatsApp and Telegram are still used to send personal data and documents, then, according to Korostelev, it is better to exclude them from correspondence. It is also worth remembering that, for example, the same WhatsApp can store correspondence not only on the device, but also in cloud storages of iCloud and Google Cloud, which are assigned to Apple and Google user accounts. That is, if you do not pay attention to this fact, attackers will have the opportunity to restore correspondence history even after deletion from the messenger.
Formerly socialbites.ca Wrote Experts recommend having two phone numbers to reduce the number of fraudulent calls.