Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has warned users of WhatsApp, a popular messaging app, to activate Two-Factor Authentication (2FA) to prevent hackers from taking over their accounts.
NCC-CSIRT explained that WhatsApp has become a primary target for hackers and scammers who are always looking for ways to gain unauthorized access to users’ accounts.
The advisory noted that 2FA is an identity and access management security method that requires two forms of identification to access resources and data.
“In the world of messaging apps, one of the most popular and recognizable is WhatsApp. It is recommended to set it up with two-factor authentication (2FA). With this enabled, you will need to enter a custom PIN every time you log in to WhatsApp from a new device, adding an extra layer of security to your account,” the advisory said.
The NCC-CSIRT further explained that 2FA is important because it prevents cybercriminals from stealing, destroying or accessing internal data records for their use.
“2FA gives businesses or people the ability to monitor and help safeguard their most vulnerable information and networks,” the advisory stated.
To activate 2FA on WhatsApp, the advisory recommended ten simple steps, including opening WhatsApp, tapping on Settings, Account, Two-Step Verification, enabling it, entering the six-digit PIN you wish to use, adding an email address for extra security (optional), and finally tapping Next.
If users suspect that their PIN is compromised, they can change it by tapping on Settings, Two-Step Verification, Change PIN, or Change Email Address, entering a new PIN or email address, and then tapping ‘next’ to effect the necessary changes.
The NCC-CSIRT was set up by the NCC as the telecom sector’s cyber security incidence center to focus on incidents in the telecom sector that may affect telecom consumers and citizens at large.
The CSIRT also collaborates with ngCERT, established by the Federal Government to reduce the volume of future computer risk incidents by preparing, protecting, and securing Nigerian cyberspace to forestall attacks and related events.