A woman wearing glasses types on a laptop while sitting at a desk.

In our increasingly digital workplace, chat services such as WhatsApp, Google Messages, Messenger, and others have become universal tools for communication. While these tools offer the promise of quick and easy messaging, they also present hidden dangers if not used responsibly. A recent incident at the advertising group WPP, where cyber attackers used deepfake technology to impersonate the CEO on WhatsApp, serves as a stark reminder that vigilance and proper boundaries are essential in this new digital landscape.

Let’s look at the risks associated with using instant messaging at work:

Security vulnerabilities Data privacy Compliance issues Deepfake and phishing attacks
Personal chat apps may not have the same level of security and encryption as corporate communication tools. This increases the risk of sensitive company information being intercepted or accessed by unauthorized parties. Personal messaging services can inadvertently mix personal and professional data, leading to potential privacy breaches. Work-related discussions might be exposed if personal devices are lost, stolen, or compromised. Many industries are subject to strict regulatory requirements regarding data handling and communication. Using non-sanctioned chat services can lead to non-compliance, with severe legal and financial repercussions. As seen in the WPP incident, attackers are increasingly sophisticated, using deepfake technology to convincingly impersonate trusted individuals. This can lead to the unintentional disclosure of sensitive information, or unauthorized actions being taken.

Best practices for responsible use of instant messaging at work

  • Use approved communication tools: Always use platforms that offer robust security and compliance features. These tools are specifically designed to protect business communications.
  • Separate personal and work communications: Keep personal messaging apps strictly for personal use. Avoid discussing work-related matters on these platforms to reduce the risk of data leakage. Never use your work computer to access these services, and do not use your company ID and password as your login to these services, either.
  • Be vigilant and verify: If you receive an unexpected message from a colleague or executive on a personal chat app, verify the authenticity through a secondary method of communication, such as a phone call, email or text.