Canada: CCCS publishes guidance on cybersecurity and instant messaging
The Canadian Centre for Cyber Security ('CCCS') published, on 24 March 2020, guidance ('the Guidance') on ensuring cybersecurity when using instant messaging applications. In particular, the Guidance warns that although end-to-end encryption may seem to offer a high level of security, users should not entirely rely on it to protect their data. Furthermore, the Guidance outlines methods that threat actors can use to obtain information, including gaining access to log-in credentials, exposing sensitive information sent to them by sharing it with others, and stealing information through an infected device. In addition, the Guidance advises on how to ensure information is kept secure, such as using two-factor authentication for accounts, ensuring the vendor or application is legitimate, and checking reviews on the long-term use of specific vendors and applications when verifying their dependability and trustworthiness.
You can read the Guidance here.