In the wake of the recent hackings of the WeChat accounts of many users where obscene and pornographic contents have been circulated, the Bhutan Computer Incident Response Team (BtCIRT) of the Ministry of Information and Communications has come up with some detailed advisory measures on how to secure the app. The ICT officer of BtCIRT, Pema Dhendup said that although the agency did not receive any formal complaints concerning the security issue of the app, they were made aware about it through social media and their close acquaintances.
“One of the widely used social network apps in Bhutan is WeChat. It has permeated through almost all corners of the country where 3G service is available because of its simplicity and cost effectiveness with which communication can take place. Due to this size of user base, it has become a target for misuse and abuse,” reads the advisory report from the agency. To ensure the security of the app, as per the BtCIRT, users are advised to:
Secure their password
Users are advised to set strong passwords and recommended to have a password which is 10-12 characters long. However, one can be also safe by setting the length to at least 8 characters with combination of letters, numbers and special characters like symbols so as to overcome password guessers and crackers at times.
Sign out when you are done
By default, users continue to remain signed in even after closing the app. If we happen to lose our cell phones, the app will be accessible if it hasn’t been logged out whereby hackers could then send any kind of messages or post information from ones account. Therefore one should always logout after you’re finished using the app. In WeChat you can do this by tapping the menu, followed by Settings, and finally, selecting log out.
After you successfully registering with WeChat, the first thing one should do is review privacy settings. It can be done by clicking on Me > Settings > Privacy. If you navigate to “Add me as a Friend” under Privacy, you will be able to control how you can be searched on WeChat and be added as a friend by other users. You don’t want your profile to show up in any random “People Nearby” searches launched by any random users as you can be subjected to abuse and exploitation. You can also block users that you don’t want to be concerned by. There are no restrictions or mandatory features that need to be enabled, so configure the privacy setting as you need.
Avoid using the WeChat “Shake” function
On WeChat one can find people anywhere by just shaking the phone, using features such as Drift Bottle or Find Me where people can then interact with them with greetings and other messages. However, the messages that you receive could be automated ones, which could get you subjected to spam or undesirable advertisement/propaganda. One can also be duped into sharing private information like passwords via phishing links. Unlike users found through “People Nearby” searches, it is near impossible to ascertain the whereabouts of a user as he/she could be living outside your country. Even if you manage to determine it and you choose to legally pursue the matter, you could only get yourself caught in legal complications due to discrepancies between local and foreign laws.
Take a moment before you send a message
Once you send out a message you relinquish all control over it to the recipient. One can share it to whoever they want. You can never undo this situation, although you can delete messages at your end but it is impossible to guarantee it’s off the network.
The studies by the agency found out that the China-based messenger app is extremely popular in Bhutan and it is one of the influential factors that have contributed to increased Smartphone users and internet subscription in the country. However, it is also to be noted that many people globally, have expressed concerns over security and privacy of user data.
Pema Dhendup said that although the exact reason for the sudden hackings of the WeChat accounts cannot be ascertained, he supposed that it could be due to weak passwords or inactive accounts that are not deactivated by the users. If need be, just like any other popular apps, he said that WeChat also has their support system which covers range of services including User Safety and Privacy where such cases can be reported.