How to protect your Telegram account from cybercriminals
open allWhat for: So you don't get hacked.
To log in to Telegram on a new device, you should scan a QR code with your phone or enter a code received by phone call or SMS. If cybercriminals want to hijack your account, they can intercept a message or incoming call and log in to the messenger in your place.
To protect your privacy, enable two-factor authentication in Telegram for Android. If this feature is activated, when logging in to the app from a new device you should enter not only a code received via SMS or phone call, but also a password. Without the password, cybercriminals will not be able to enter the account, even if they intercept a message or call containing a code. To enable and configure two-factor authentication:
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Privacy and Security section;
- In the Security section, select Two-Step Verification;
- Tap Set Password;
- Create a strong password and enter it in the field.
- If you're afraid of forgetting your password, you can create a hint;
- On the next screen, enter the e-mail address to which you want to receive the confirmation code for enabling two-factor authentication;
- To complete the setup, enter the confirmation code from the e-mail.
What for: To keep strangers from reading your correspondence.
If you logged in to Telegram on someone else's computer or phone and didn't log out, anyone will be able to read your messages and even write to people from your account. For your convenience, the messenger keeps a list of active sessions. Check the list and make sure that there are no extra devices connected:
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Devices section;
- If you see an unfamiliar device, select it and tap Terminate Session;
- You can also tap Terminate All Other Sessions to log out of all devices except this one.
What for: To keep strangers from reading your correspondence.
If you leave your device unattended, anybody can take advantage of it and read your Telegram correspondence or write messages on your behalf. To prevent this, set a passcode.
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Privacy and Security section;
- In the Security section, select Passcode Lock;
- Tap Enable Passcode;
- Create a secure passcode and enter it in the field.
From now on, every time you launch Telegram you will be asked to enter the passcode. If you need to move away from your device, tap the padlock icon located in the top right corner of the screen, above the list of chats and channels. The app will be locked until you enter the passcode.
Telegram for Android also lets you set up a timed auto-lock so you don't need to lock it manually every time. You can use the default auto-lock interval or choose the different one.
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Privacy and Security section;
- In the Security section, select Passcode Lock;
- In the window that opens, tap Auto-lock, select a preferred interval, and tap Done.
If you forget your passcode, you will need to reinstall Telegram on your Android, and all your Secret Chats will be lost.
What for: So that cybercriminals don't use your payment details.
With Telegram for Android, you can not only chat and read news channels, but also pay for goods and services. When making a purchase, your payment and shipping information is saved, including your bank card number. However, this information is not stored on the Telegram servers: it's kept by payment services, who process all transactions. The privacy policy of these services explains how the information above impact on your privacy.
If you don't want to study the documentation and just want to eliminate the risk of a data leak, you can clear your shipping and payment data in Telegram.
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Privacy and Security section;
- In the Bots and websites section, select Clear Payment and Shipping Info;
- In the window that opens, tick the boxes next to Shipping info and Payment info, and tap Clear All.
Downside: you will have to manually enter your bank card details and delivery address.
What for: So the new owner of your old number can't read your correspondence or write messages from your account.
To log in to Telegram on a new device, you can scan a QR code or enter a one-time code received by phone call or SMS. If you decide to change your number or you don't use it for a long time, at some point the operator will transfer the old number to someone else.
In certain circumstances — for example, if you want to log in to Telegram using an SMS code — that code might go to a stranger, who could then access your account. To prevent this, change your number in the settings.
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Tap on your phone number and then tap Change Number;
- In the window that opens, tap Change;
- Enter your new number;
- Tap Send Code;
- Enter the code sent via SMS to your new number.
How to protect your private Telegram data from strangers
open allWhat for: So you can stay private and decide who gets to see your number.
By default, only your contacts can see your phone number in Telegram. If you made your number visible to everybody, spammers or obsessive admirers could take advantage of this.
To increase your privacy level and limit the visibility of your number or hide it completely:
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Privacy and Security section;
- In the Privacy section, tap Phone Number;
- Next, select My Contacts or Nobody.
- Tap Add Users opposite Always Allow or Never Allow;
- Select the relevant person from your contact list and tap the tick icon.
What for: So nobody knows when you were last online.
Telegram shows its users when you last entered the app. If you want to increase your privacy level and hide this information, you can limit the visibility of your most recent activity.
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Privacy and Security section;
- In the Privacy section, select Last seen & Online;
- Next, select My Contacts or Nobody.
- Tap Add Users opposite Always Share With or Never Share With.
- Select the relevant person from your contact list and tap the tick icon.
Downside: you won't see the last seen status of users you've hidden your own activity from.
What for: To increase your privacy level and hide your photos and videos from strangers.
Telegram lets you upload photos and videos to use as profile pictures. However, this lowers your privacy level since by default these photos and videos are visible to all users. If you don't want strangers to know what you look like, you can make it so that only your contacts can see your profile photos and videos.
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Privacy and Security section;
- In the Privacy section, select Profile Photos & Videos;
- Next, select My Contacts.
- Tap Add Users opposite Always Allow or Never Allow;
- Select the relevant person from your contact list and tap the tick icon.
What for: So nobody sees the photos and videos you exchanged in chats.
By default, Telegram for Android automatically downloads photos and videos from your chats to your gallery. This is convenient because you don't need to look through all your chats for a file you want — but at the same time, it lowers your privacy level. If you want to show someone a photo, images you exchanged in Telegram will appear among the others in your gallery. To avoid any awkward situations, turn off the saving of Telegram media to your gallery.
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Data and Storage section;
- In the Save to Gallery section, turn off the toggle switches opposite Private Chats, Groups, or Channels, depending on which media you want to exclude from your gallery;
- Remember that files from chats will still be saved to your device and can be found in your phone memory. However, to do this usually requires a special app-manager and knowledge of the internal folder structure, so removing private photos from your gallery protects against the majority of nosy parkers and increases your privacy level.
What for: To stay anonymous.
If you don't want other users to see your real name and photos, you can change them in the app settings.
- Tap the three-stripe icon in the upper left corner of the screen;
- Tap your profile picture;
- Tap the three-dot icon in the top right corner of the screen, select Delete and confirm your choice. If you have more than one photo or video, repeat this action for all of them;
- To upload a different image instead of your photo, tap on the camera icon and select the image or photo you want to use;
- To use a pseudonym, tap the three-dot icon in the top right corner of the screen, select Edit name, and enter a new name.
Important! Changing your name in Telegram will not change it for users who added you to their contact lists already. They will see your name as it is saved in their contacts.
What for: To limit your account visibility to strangers.
When a friend or acquaintance forwards your message to someone, the message includes a link to your profile. This lowers your privacy level because complete strangers can see your account. To stop Telegram from attaching a link to your profile:
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Privacy and Security section;
- In the Privacy section, select Forwarded Messages;
- Next, select My Contacts or Nobody.
- Tap Add Users opposite Always Allow or Never Allow;
- Select the relevant person from your contact list and tap the tick icon.
What for: So you don't leave traces of correspondence on Telegram servers and securely delete messages.
Although Telegram chats are already securely protected and guarantee a high level of privacy, you can also exchange messages using end-to-end encryption. Data from secret chats is not sent to the developers' servers, which means only a sender and a receiver see it. To start a secret chat:
- Open a chat with a user you want to start a secret chat with;
- Tap on their name or profile picture;
- In the window that opens, tap the three-dot icon in the upper right corner of the screen;
- Select Start Secret Chat;
- For extra privacy, you can configure the chat so that messages are automatically deleted after a certain period of time. To do this, tap on the timer icon in the secret chat and choose the time period after which messages will be deleted.
What for: So Telegram doesn't store data on your private calls.
There are two ways to make calls in Telegram: through the application server, or directly between devices over the network — that is, peer-to-peer. The main differences between them in terms of privacy are the following:
Calls via server:
+ The other person can't find out your IP address, which in certain circumstances they could use to discover your location.
– Call data ends up on the server, albeit in an encrypted form.
– The quality of the connection can be worse compared to peer-to-peer.
Peer-to-peer
+ Telegram does not receive call data.
+ Better connection quality.
– The other person can find out your IP address, which in certain circumstances they could use to discover your location.
We recommend using peer-to-peer connection when communicating with people from your contacts, and calling via server in all other cases. In this way, Telegram doesn't receive data on your private calls, and strangers can't find out your IP address.
This option is selected by default. To return to the previous settings, if you changed them at some point:
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Privacy and Security section;
- In the Privacy section, select Calls;
- In the Peer-to-Peer section, select My Contacts.
What for: To avoid getting distracted and exposing personal data.
By default, Telegram for Android sends you pop-up notifications about new messages, including private texts. If you're using the app in a public place, these settings could endanger your privacy — strangers or colleagues might take a peek at your messages. In addition, frequent notifications can distract you from your work or just annoy you.
You can turn off some notifications or configure them so that they don't show the message text.
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Notifications and Sounds section;
- To completely turn off all alerts, in the In-app notifications section, deactivate the toggle switches opposite the types of notifications you don't want to receive;
- If you want to turn off certain notifications, you can select the ones you don't want to receive from the Private Chats, Groups, or Channels;
- On the notifications settings screen for private chats, groups, or channels, you can stop the notifications from displaying the message text. To do this, select one of the categories and turn off the Show Message Previews toggle switch.
How to protect yourself against spammers and trolls in Telegram
open allWhat for: So you don't receive messages from people you don't want to communicate with.
If you received a message from a spammer or fraudster, or just somebody you don't want to communicate with, you can block that user.
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Privacy and Security section;
- In the Privacy section, tap Blocked Users;
- Tap Block user and add the user you want to block to the denylist.
The blocked user will not know you added them to your denylist. They can send you messages, but you won't see them — they will appear to the user as unread. Regardless of your other settings, blocked users can't see your photographs or last seen status.
What for: So that you don't get distracted by calls.
By default, only your contacts can call you in Telegram. If at some point you changed these settings and allowed anyone to call you, or you want to only communicate via messages even with close friends, you can block calls:
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Privacy and Security section;
- In the Privacy section, select Calls;
- Then, in the Who can call me? section, select My contacts or Nobody.
- Tap Add Users opposite Always Allow or Never Allow;
- Select the relevant person from your contact list and tap the tick icon.
What for: So you don't get invitations from anyone.
By default, all Telegram users can send you invitations to channels and groups. To restrict this:
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Privacy and Security section;
- In the Privacy section, select Groups & Channels;
- Next, select My Contacts.
- Tap Add Users opposite Always Allow or Never Allow.
- Select the relevant person from your contact list and tap the tick icon.
What for: So cybercriminals can't log in to your account on other sites.
In addition to making purchases, through Telegram for Android you can also log in to partner services — you just need to tap Log in with Telegram. For your convenience, Telegram remembers sites which you've logged in to through the app. This means that if your Telegram account ends up in the wrong hands, they could gain access to these other accounts. To avoid putting your privacy at risk, clear this data:
- Tap the three-stripe icon in the upper left corner of the screen;
- Select Settings;
- Go to the Privacy and Security section;
- In the Bots and websites section, select Logged In with Telegram.
- Tap Log out of all sites.
Downside: You will need to manually log in to sites you previously entered through Telegram.