The Russian Ministry of Internal Affairs (MVD) has released crucial recommendations to help users protect their Telegram accounts and personal data from evolving cyber threats.
Core Security Measures for Telegram Users
To ensure robust protection for your Telegram account and the sensitive information it contains, two fundamental actions are highly advised: configuring your messenger to hide your phone number and activating two-factor authentication (2FA).
1. Conceal Your Phone Number
The MVD stresses the importance of making your phone number invisible to individuals outside your contacts. This setting can be found and adjusted within the `Privacy and Security` section of your Telegram app. By doing so, you significantly enhance your communication privacy, effectively minimizing the risk of receiving unsolicited messages from malicious actors or unknown individuals. Furthermore, it is recommended to adjust your messenger settings to block incoming calls from users who are not listed in your personal contact list.
2. Enable Two-Factor Authentication (2FA)
Two-factor authentication (2FA) introduces a vital additional layer of defense for your Telegram account. With 2FA enabled, your account remains secure even if fraudsters somehow manage to gain unauthorized access to your device or obtain your phone number. This security feature typically requires a secondary verification step, often a password or PIN you`ve previously set, in addition to the standard login code, before access is granted.
3. Avoid Storing Sensitive Information in `Saved Messages`
Another critical piece of advice from the MVD is to refrain from storing any sensitive or important personal information within the `Saved Messages` (also known as `Favorites`) section of your Telegram account. While this feature offers convenience, it could become a vulnerability if your account were ever to be compromised.
Proactive Account Management and Vigilance
4. Regularly Review Active Sessions
Users are strongly encouraged to periodically check and review the list of all devices that currently have authorized access to their Telegram account. Should you discover any unfamiliar or suspicious active connections listed in the `Devices` section, it is imperative to terminate that session immediately to log out the unrecognized device.
5. Adopt General Cybersecurity Best Practices
- Never Share Login Codes: Under no circumstances should you disclose your Telegram login confirmation code to anyone, regardless of who they claim to be.
- Exercise Caution with Suspicious Links: Always be wary and avoid clicking on any links that appear suspicious or are sent by unknown or untrusted sources.
- Update Passwords Periodically: If you have 2FA enabled with a password, make it a habit to regularly change your Telegram password, along with any other linked account passwords.
- Beware of Third-Party Authorizations: Be extremely cautious and skeptical of any websites or services that request authorization or login using your Telegram account credentials.
Recognizing Common Online Scams
The MVD also took the opportunity to highlight several prevalent scam tactics that users should be acutely aware of to avoid falling victim:
- Fake Pension Fund Messages: Fraudsters have been known to disseminate fake messages purporting to be from official entities such as the Russian Pension Fund. These messages often falsely claim a significant increase (e.g., 30 percent) in pension payments to lure unsuspecting individuals.
- SNILS Replacement Schemes: Another reported scam involves con artists attempting to trick Russian citizens into supposedly replacing their individual insurance account number (SNILS). It is vital for the public to remember that SNILS numbers are permanent and are not subject to replacement under any circumstances.
By staying informed and diligently applying these recommended security measures, individuals can significantly enhance the safety of their Telegram accounts and protect their personal information from cybercriminals.
Clement Ashworth 
Barnaby Whitfield