Cybersecurity News South Africa

7 tips from Kaspersky on using Telegram privately and securely

Following WhatsApp's privacy policy update fiasco, experts from global cybersecurity company Kaspersky have offered seven tips on how to make a user's experience on Telegram as secure and private as possible.
Photo by Luis Villasmil on Unsplash
Photo by Luis Villasmil on Unsplash

Kaspersky said the following in a statement: "When discussing the privacy and security of messenger apps, one needs to understand that the Telegram’s functionality goes beyond the simple messages exchange and has many surprising features.

With Telegram's user-base exceeding over 500 million active monthly users recently, as confirmed by its founder, it now combines elements of a massive communication hub, messaging board and social media – and its security and privacy concepts differ from others."

The seven tips:

  1. Pick a username and use it instead of your actual name or associated phone number when chatting with others.

  2. Enable 2FA for your account. If someone tries to take control over your account, hijacking a voice call or a text message with a temporary verification code won't be enough. The attacker will still have to deal with your password. If it's strong and unique, the account takeover will become a significant problem. This feature is available in "Settings" - "Privacy and Security" - "Two-step Verification".

  3. When chatting with others, consider using the "Secret Chats" feature. It means your account and chats will have better encryption, where each message is encrypted with two keys available only for you and your recipient.

  4. Use a VPN connection when chatting or calling others. It is essential to bring an extra layer of security on your side.
  5. Regularly review the "Active Sessions" option available in "Settings" - "Privacy and Security". It helps to find out if your Telegram account is enabled on any other device besides yours. If you find anything unknown or suspicious, terminate those sessions and change your "Two-step verification" password.

  6. To maximise your privacy integrity, when signing up on Telegram, use a virtual number instead of your real mobile number. Make sure it is not a disposable virtual number; otherwise, someone can still hijack your account. Your virtual number is the one you own and is not connected to your mobile carrier.

  7. Make sure your information is private to the point comfortable to you. There are several settings that you can play up or down in terms of exposure to the world around by accessing "Settings" and then "Privacy and Security".

Some additional tips include:

  • Who can view your phone number? - Choose "Phone number" and for the setting “Who can see my phone number?” switch it to "Nobody", and for "Who can find me by my number?" switch it to “My Contacts”.

  • Who can view your activity? - Tap "Last Seen & Online" and switch it to “Nobody”.

  • Who can see your profile? - Go to "Profile Photos" and choose "My Contacts".

  • Who can view your account by tapping your name on the message forwarded from you? - Select "Forwarded Messages" in the part of "Who can add a link to my account when forwarding my messages?" and chose “My Contacts”.

  • Who can call you? - Tap "Calls" - if you want to get calls from anyone on the Internet just because they have your username, then chose Everybody. There is an essential setting here. When we call on each other, in most cases, it's a peer-to-peer connection. It means the call is established directly between two or more users without going through Telegram servers. While this improves call quality, it reveals the User's IP address. For enhanced security for the setting "Peer-to-Peer", use the “My Contacts” option.
Let's do Biz