WhatsApp implements new maximum security mode to stop spies and malicious files

The Meta messaging platform has started the global distribution of a new layer of cyber defense aimed at fully protecting users’ accounts. Called strict account settings, the functionality arrives on mobile applications this January, establishing a new privacy standard to combat spying software and digital intrusion attempts. The tool was designed to act preventively against attack vectors that exploit human error and social engineering.

The feature centralizes several security options that previously needed to be activated individually, creating a “single shield” that can be enabled with a few taps on the screen. The update does not require the installation of new operating systems, being made available via server for the latest versions of the application on Android and iOS. The main focus is to drastically reduce the attack surface available to hackers and digital criminals.

Information security experts point out that the measure is a direct response to the growth of the mercenary spyware market, which often uses the application as a gateway to monitor activists, journalists and executives. By tightening the rules for interacting with unknown numbers, the platform aims to neutralize the sending of malware disguised as common files or legitimate links.

The rollout is taking place gradually and should cover the entire user base in the coming weeks, ensuring that the infrastructure supports changes to call routing and encryption verification. Although the initial target audience is people at high risk, the settings are available to any user who wishes to increase the level of privacy in their daily conversations.

Unified defense mechanism

The main innovation brought by the strict settings is the automation of restrictions. Previously, a user concerned about their security would need to navigate through multiple menus to adjust who can see their photo, who can add them to groups, or how the app handles calls from strangers. Now, the system applies the most restrictive level to all these variables simultaneously.

When the feature is activated, the application takes a “zero trust” stance towards contacts that are not saved in the phone’s address book. This means that any interaction initiated by an unknown number will go through strict filters before notifying the user, eliminating the possibility of accidental clicks on dangerous content.

This simplified approach solves a long-standing usability problem in digital security: configuration complexity. Many loopholes remained open simply because users were unaware of the existence of certain security locks or did not know where to find them within the software options.

Barriers against files and links

One of the most significant changes affects the receipt of media. With strict mode enabled, automatic downloading and even manual receipt of photos, videos, audios and documents from unsaved numbers are blocked. This measure aims to prevent the technique of steganography, where malicious code is hidden within the pixels of an apparently harmless image.

In addition to files, link previews undergo drastic changes. Normally, when a link is sent, the application generates a thumbnail of the website to facilitate identification. However, this process can be exploited to track the user’s IP address or execute scripts remotely. The new mode disables this preview generation for unknown senders, protecting the recipient’s identity and location.

These restrictions create an environment where phishing becomes much less effective. Without the ability to lure the victim with flashy images or previews of fake news, criminals lose essential tools of psychological manipulation, forcing the user to evaluate the plain text before taking any action.

Protocols for calls and groups

The voice and video calling system also operates under new routing rules. Calls coming from numbers outside the phonebook are automatically silenced, although the record of the attempt remains visible in the calls tab for later review. More than avoiding the hassle, this function protects the user’s network connection.

Technically, calls are redirected through the company’s servers, hiding the user’s direct IP address. This prevents attackers from discovering the victim’s approximate geographic location just by initiating a voice call, a known vulnerability in direct peer-to-peer connections.

Mass social engineering is also mitigated by blocking group additions. Administrators who are not on the user’s contact list are prevented from including them in collective chats, a common tactic for spreading spam, financial scams and coordinated disinformation.

  • Total blocking of multimedia files and documents coming from unknown numbers.
  • Disabling link preview to prevent IP tracking and script execution.
  • Automatic silencing of calls from strangers with network address protection.
  • Preventing people outside the contact list from being added to groups.
  • Mandatory two-step verification with PIN for new logins.

Combating digital surveillance

The context of the launch is linked to the increase in surveillance tools such as Graphite, developed by Paragon Solutions, and the notorious Pegasus. These programs exploit tiny flaws in communication applications to turn smartphones into listening devices. The new settings make it difficult to exploit these loopholes by limiting the interactions that the application accepts to process.

Two-step verification becomes mandatory in this mode, creating a second access barrier. Even if an attacker manages to clone the victim’s SIM card or intercept the SMS activation code, he will not be able to access the account without the personal PIN defined by the user, frustrating attempts to hijack the profile.

Additionally, the system starts to notify the entire network of contacts if there is a change in the user’s encryption keys. This serves as a community alert that the security of that account may have been compromised or that the device has been changed, allowing interlocutors to verify authenticity before sending sensitive information.

Feature enablement instructions

To activate maximum protection, the user must access the application on their main device, as configuration cannot be initiated via the web or desktop versions. The path involves entering the Settings menu, selecting the Privacy option and then looking for the Advanced section, where the new tool is located.

When you select “Strict account settings”, the app prompts for a simple confirmation and applies the changes immediately. A summary of restrictions is displayed on the screen to ensure the user understands the limitations imposed, such as not receiving photos from strangers. The process is reversible at any time, allowing protection to be turned off if it interferes with professional or personal use.

The company reinforces that the user experience with saved contacts, family and friends remains unchanged. End-to-end encryption remains active for all conversations, and restrictions apply exclusively to the unknown, balancing everyday usability with the critical need for security in an increasingly hostile digital environment.