The Computer Security Incident Response Team of the Nigerian Communications Commission (NCC) has warned that WhatsApp is increasingly becoming a prime target for hackers and scammers who are always looking for ways to gain unauthorized access to users’ accounts.
The NCC-CSIRT in its latest advisory advised users in Nigeria to be security conscious while using the service, while recommending that every WhatsApp user should set up Two-Factor Authentication (2FA) to avoid falling victim to account takeover by hackers.
The CSIRT described two-factor authentication (2FA) as an identity and access management security method that requires two forms of identification to access resources and data.
Explaining why WhatsApp users need to activate the two-factor authentication, the NCC-CSIRT in the advisory said:
“In the world of messaging apps, one of the most popular and recognizable is WhatsApp. WhatsApp is 100 per cent free to use, has a great mobile app, and supports audio and video calls. Whether you rely on WhatsApp for all your messaging needs or just use it from time to time, it is recommended to set it up with two-factor authentication (2FA). With this enabled, you will need to enter a custom PIN every time you log in to WhatsApp from a new device, adding an extra layer of security to your account.”
“Two factor-authentication gives businesses or people the ability to monitor and help safeguard their most vulnerable information and networks. The 2FA is important because it prevents cybercriminals from stealing, destroying, or accessing your internal data records for their use.”
For those concerned that their PIN might have been compromised or is easy to guess, they can change their WhatsApp PIN or email address by tapping settings; tap Two-Step Verification, tap Change PIN or Change Email Address, enter a new PIN or email address, and then tap ‘next’ to effect the necessary changes.
The CSIRT is the telecom sector’s cyber security incidence center set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large. The CSIRT also works collaboratively with ngCERT, established by the Federal Government to reduce the volume of future computer risk incidents by preparing, protecting, and securing Nigerian cyberspace to forestall attacks, and problems or related events.