Using Instant Messaging Safely

Using Instant Messaging Safely

Why do I need to use instant messaging differently?

We've seen attacks using e-mail (spamming, phishing, viruses, etc.) for years. We've learned to look at our e-mail and think before responding to messages or clicking on links.

Now, attacks are appearing against instant messaging. Instant messaging is done quickly, with little time given to detecting and analyzing potential threats. Attackers take advantage of the immediacy of instant messaging to send spam, phish, and spread viruses, worms, and other types of malware.

What can I do to protect myself?

Here are a few tips on how to use instant messaging programs more securely:

  • Configure your software to only receive messages from people on your buddy list. With this option turned on, most IM clients will prompt you before accepting messages from users who are not on your buddy list. This allows you to see who the sender is before accepting messages from people not on your buddy list.
  • Always keep your software up-to-date. Patches and new versions are released to fix discovered security vulnerabilities and/or functionality issues in the existing software.
  • Turn off features that automatically download files. Otherwise, if your "buddy" gets a virus or a piece of spyware, you'll get it too.
  • Click on links and open file attachments only in the context of a conversation. When you get a URL or attached file, respond. Don't just click on the link! If it's from a buddy, check with the buddy to make sure he or she sent the message.
  • Do not allow direct connections from anyone through your instant messaging client. There are other methods for transferring photos and other files that are much more secure, and often faster, than sending them through instant messenger.
  • Close and ignore any SPIM (Spam from Instant Messaging) you receive. You may also want to block the sender. By only allowing people on your buddy list to send you instant messages, you can avoid most (if not all) SPIM.
  • Check your profile for strange links and text. If you find links or text in your profile that you did not put there yourself, you may be infected by malware. Try to stay off instant messenger until you can confirm that your computer is free of malware, otherwise you may accidentally infect other users.
  • Never give out private information to anyone through instant messenger. Instant messenger traffic can be easily intercepted by attackers, especially over wireless networks. Always keep in mind that anyone could be "listening in" on your messages.

Keeping Safe

Keeping Safe: Guidelines and Best Practices

Not sure how to keep yourself, your information, and your devices safe? Click on the headings below for best practices, resources, and more; also be sure to check out our blog for more specific content, answers to your information security questions, and best practices guides!

Subject Area


Securing your Computer

Free downloads and instructions to support the Desktop and Portable Computer Standard.

Mobile Devices

Learn how to safely use mobile devices when dealing with Private Information or everyday use.


Learn how to recognize these common online scams.

Safe Blogging and Social Networking

Is a potential employer reading? Learn how much information is too much and how to protect yourself on social networking sites.

Wireless Networking

Learn about wireless networking at RIT, at home, and on public networks; and the potential dangers you face.

Web Browsing Safely

Learn about the different web browsers available, add-ons that can improve security, and how to browse using limited account privileges.

Identity Theft

Did you know that people aged 18-29 are five times more likely to be victims of identity theft than those 60 or older?

Instant Messaging

Tips on how to avoid malware and scams through instant messaging.

Safe Online Shopping and Banking

How to use these popular online services securely.

Digital Copyright

Are you aware that the Recording Industry Association of America (RIAA) and MPAA (Motion Picture Association of America) files copyright violations and has sued students at RIT? Visit the ITS Digital Copyright page to learn more about copyright violations at RIT and how they are handled.
Browser Security Configuration Outlines how to configure various security settings for common browsers.
Cloud Computing Information on secure cloud service use.


Subscribe to RSS - Messaging