We all use WhatsApp to a greater or lesser extent as the main instant messaging application. In fact, today, this app has approximately 900 million active users and more than 100 million calls are exchanged per day (not counting short messages or chats).
But do we really use it safely to guarantee our privacy?
In today’s TIP we want from Secure&IT to provide you with the following recommendations, so that you use this and other equivalent applications properly (for example, Teams, Zoom, Telegram, etc.):
- DNI, Passport or equivalent identity document: It is an increasingly common practice to send photos of these documents to different recipients for different reasons, however, it is also a high-risk habit for our privacy. Because with the mere copy of these documents, an unauthorized third party could have all the basic information necessary to impersonate our identity.
- Statements or financial and banking information (including the Income Statement or payroll) : It is not recommended to provide this confidential information by these means. Not because the recipient misuses it, but because the person requesting it may be a cybercriminal who has impersonated our contact. Or also because our contact can lose the mobile or have it stolen, and with it the information.
- Professional or business information: The purpose of using these applications is to facilitate conversations and direct interconnections between users. But we should never use the chats of these applications, as a repository for documents and other information. Especially if it is confidential information about our company, entity or organization. Professional information, always by email, preferably encrypted, or authorized cloud.
- Compromised photos: With the use of new technologies and especially social networks, the protection of our privacy has lost importance. However, there are cyberattacks known as “man in the middle” that consist of spying on the conversations of two users and getting “in the middle” of those communications to get hold of all the information exchanged, including photos.
- Hoaxes or fake news and unethical messages, videos or photos: Sending these types of files about a person, whether we know them or not, and whether they contain violent, sexist, pornographic or unethical content, implies that we are complicit in the virality of that message. Therefore, we remind you that attacking the privacy or morality of a person (even mere retransmission) is a criminal offense that can lead to criminal proceedings.
We also remember that it is completely discouraged to provide this same information through pages, platforms, clouds and/or any other means that are unreliable. Because we may apply all appropriate security and privacy protection measures, however, once submitted, we lose control over that personal information.