Are there any risks and threats using instant messaging clients?
Mostly chat programmes do not enable encryption. Messages sent via instant messaging could easily be read by unauthorised third parties. Scammers could intercept personal data and potentially use it for social engineering later on. The transfer of data is rather unsafe as well. The computer can easily get infected by a virus or a Trojan, not least since chat rooms barely encrypt user data. For scammers it is an easy matter to gain access to passwords and to assume a fake identity.
So what can I do?
For starters, it is important not to disclose any sensitive data in chat rooms. Login- , bank- or credit card data should not be given to anyone via instant messaging. It is advised not to send or transmit files. It is safest to ensure that all messages are encrypted and communicating parties are not to be found out by unauthorised third parties.
How does it work?
The magic word is Off-the-Record Messaging or – abbreviated – OTR. It is a protocol that encrypts chat messages. Moreover, it ensures forward secrecy (the session key cannot be compromised): just like a personal conversation, the online conversation is between the conversation partners, thus no one is able to reconstruct the messages sent. You will find an instruction on how to use OTR to initiate secure messaging sessions in Pidgin on the following website.
Does it work with smartphones, too?
Sure it does. However, you will have to do without applications such as Whatsapp & Co. An alternative app is myEnigma Secure Messaging which you can download for Android based systems and iOS for free. Using a valid mobile number and email address allows you to register and login. Once the app has been successfully installed, myEnigma scans your contacts for users who use the service as well. The principle of email encryption also applies to instant messaging: only if both parties use the same service, a secure instant messaging can be provided. MyEnigma provides the same functions as Whatsapp & Co.: texting and sending multimedia attachments is no problem. The only downside to this app: you will have to do without smileys.