As cyber threats continue to evolve, it is crucial that we remain vigilant in protecting ourselves and the organisation from security risks. Messaging apps like Telegram and WhatsApp have become key communication tools, but they are also increasingly targeted by cybercriminals.
This email provides guidance on identifying phishing attempts, securing your accounts, and ensuring safe communication.
Recognising Phishing Attacks on Telegram & WhatsApp
Cybercriminals often use messaging platforms to impersonate trusted contacts or services to steal information or spread malware. Be on the lookout for:
Unsolicited Messages from Unknown Numbers – Scammers may pretend to be a colleague, vendor, or even IT support. If you receive an unexpected message, verify the sender through another channel before responding.
Urgent Requests for Personal or Company Information – Attackers may ask for login credentials, passwords, or financial details. Legitimate requests for sensitive information will never be made via Telegram or WhatsApp.
Suspicious Links or Attachments – Messages urging you to click on a link, download a file, or visit a website should be treated with caution. Hover over links to verify their legitimacy before clicking.
Fake Security Alerts or Warnings – You may receive messages claiming that your account has been compromised or needs urgent verification. Always go directly to the official app to check for security notifications.
Mismatched Language and Grammar Errors – Poorly written messages, odd formatting, or inconsistent branding can indicate a phishing attempt.
How to Stay Safe on Telegram & WhatsApp
To protect yourself and the organisation, follow these best practices:
1. Enable Two-Factor Authentication (2FA)
Both Telegram and WhatsApp offer 2FA for added security. This prevents unauthorised access even if your password is compromised.
WhatsApp: Go to Settings > Account > Two-step verification and enable it.
Telegram: Navigate to Settings > Privacy and Security > Two-Step Verification and set it up.
2. Be Cautious with Group Invites and Links
Avoid joining unknown groups or clicking on forwarded links from unknown sources. Attackers often use groups to spread malicious content.
3. Disable Auto-Downloads for Media and Files
Automatically downloading media or documents can expose your device to malware.
WhatsApp: Settings > Storage and Data > Media Auto-Download, and disable automatic downloads.
Telegram: Settings > Data and Storage > Auto-Download Media, and restrict it.
4. Verify Unknown Contacts
If someone messages you claiming to be a colleague or business contact, verify their identity using official channels before engaging.
5. Keep Apps Updated
Ensure Telegram and WhatsApp are always updated to the latest version. Updates often include critical security patches.
6. Report Suspicious Messages
If you receive a suspicious message, report it immediately within the app and notify us at soc@cyber-defence.io.
Final Reminder
Cybercriminals are becoming more sophisticated, but by staying alert and following these guidelines, we can protect ourselves and the organisation from potential threats. If you have any concerns or encounter a suspicious message, please reach out to the SOC team for assistance.
Stay vigilant and stay safe.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article