Typically, Telegram is hacked to obtain a ransom for a return or blackmail with personal information. You don’t have to be a celebrity or a millionaire for attackers to be interested in your account—anyone can be a target.
The analysis of what happened was disappointing: the account needed better protection. As it turned out, the Telegram accounts of many friends, relatives and colleagues were also vulnerable to hacking.
There are a few simple rules to keep your account safe from scammers.
1. Set up two-factor authentication
Two-factor authentication in Telegram can significantly increase the level of security. When connecting a new device to your account – a smartphone, laptop or tablet – you must confirm authorization in two different ways.
Enabling a cloud password is an excellent solution for this. Even if the attacker can log in using the code from the SMS, he will need to enter a unique password known only to the owner.
Setting up this feature is easy. Open Telegram on your smartphone or laptop and go to “Settings – Privacy – Cloud Password”. Set a convenient, memorable password, a hint for it (just in case), and then enter your email address. Your account is now much better protected.
2. Hide your phone number from strangers
You should only show some people the phone number linked to your Telegram account. Attackers can use it for spam or hacking attempts.
To hide the number, you need to go to “Settings” again, select “Privacy”, and then open the “Phone Number” item. You can either completely hide the number from prying eyes or set up access lists there.
3. Check from time to time where your Telegram is active
You can see which devices can access your account in the Messenger settings. If you access Telegram from a smartphone, work laptop, or home PC, all these sessions will be visible there. Telegram will even show the city where the connection was made and the approximate time.
Need help to recognize a suspicious device? It’s better to remove it immediately. It doesn’t have to be an attacker – you just logged into your account from your work phone one day and then forgot about it. But caution doesn’t hurt.
To check the list of sessions, go to Settings – Privacy – Devices. Here, you can connect a new gadget via a QR code or configure the termination of sessions if they have not been active for too long.
4. Don’t buy Telegram accounts secondhand
This should not be done, even if the seller seems verified. Such an action is contrary to the rules for using the messenger. But what if you already have several accounts – for example, for work?
Go to Devices again and end all sessions if this is the first time you have done so. Then, sign in to your account again. This will protect you from dishonest sellers. Sometimes, they save archives of active sessions after selling accounts, wait some time, and “return” the funds to themselves.
5. Be careful
No two-factor protection will save you if the owner of the Telegram account himself gives the attacker the necessary data for hacking. You should only use suspicious chatbots if you are sure of their reliability. It is also not advisable to participate in various online polls sent in private messages. Sometimes, the sender does not even suspect his link is unsafe and becomes a victim of “hijacking”. Finally, you should not log in to unknown sites using your Telegram account.
Compliance with these rules does not guarantee complete account security – unfortunately, attackers’ methods are improving daily. However, the risk of losing your Telegram will be significantly reduced.