The Nigerian Communications Commission (NCC) has advised users of the popular messaging app, WhatsApp, to set up Two-Factor Authentication (2FA) to safeguard their accounts against unauthorized access by hackers. In a statement released on Tuesday, the NCC’s Computer Security Incident Response Team (NCC-CSIRT) warned that WhatsApp, owned by Meta, has become a prime target for hackers and scammers.
According to the advisory, 2FA is a security method that requires two forms of identification to access resources and data, making it an identity and access management security method. The NCC-CSIRT stated that 2FA is crucial for individuals and businesses because it prevents cybercriminals from stealing, accessing, or destroying sensitive information.
The CSIRT noted that WhatsApp provides two-factor authentication, which is an optional feature that adds more security to users’ accounts, and it is recommended that everyone installs it. The advisory stated ten steps for enabling 2FA on WhatsApp, which include opening WhatsApp, tapping settings, tapping account, tapping two-step verification, tapping enable, entering the six-digit PIN, and adding an email address for extra security.
For users concerned that their PIN might have been compromised or is easy to guess, they can change their WhatsApp PIN or email address by tapping settings, selecting two-step verification, and then tapping change PIN or change email address. The CSIRT is the telecom sector’s cyber security incidence center set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large.
The NCC-CSIRT recommends that all WhatsApp users should enable 2FA to add an extra layer of security to their accounts. By doing so, they can avoid falling victim to account takeover by hackers and scammers who are always looking for ways to gain unauthorized access to users’ accounts. With this advisory, the NCC-CSIRT aims to help safeguard the most vulnerable information and networks of individuals and businesses against cybercriminals who seek to exploit them
