Signal is the most secure encrypted communication platform available, but That doesn’t mean it’s impenetrable against bad actors. Earlier this year, for example, there was the FBI Able to recover deleted signal messages Thanks to a vulnerability in how notifications from the defendant’s iPhone are stored. (Apple has since fixed the flaw.) Now, the app is a target for hackers, who are impersonating Signal’s support team in a sophisticated phishing scam. Secure chat backup. Here’s what you need to know to protect your Signal account.
How the latest signal scam works
as TechCrunch reportsThreat actors are using an account called “Signal Support” to send phishing messages to potential targets requesting the recipient’s recovery key. The message warns that backup messages and media are “at risk of permanent loss due to a sync problem,” and unless the user provides their recovery key to the “support” team, they may lose access to their account and its data. Of course, this is all a lie: with your recovery key, attackers can unlock your encrypted chat backup, which is their obvious goal here.
These phishing campaigns can often target other high-risk signal users such as activists and journalists. However, some experts have suggested that the tactic could be used more widely and by multiple threat actors, who are exploiting users’ trust in the app’s reputation for privacy and security. Even the platform warned recently Users about similar endorsement impersonation scams aimed at account takeovers. Signal will never ask you for your account details, such as your PIN or recovery key, and any such requests for so-called support are a scam.
What do you think so far?
Secure your Signal account now
If you receive a message from Signal Support or any official-looking user requesting credentials or keys, do not provide this information. These are hackers impersonating signals, not trusted accounts. No legitimate company or platform will contact you out of the blue asking for your login or other sensitive data. You should too Enable Registration LockSignal’s security feature that protects your account from being hijacked. Enrollment Lock prevents someone else from setting a signal on a new device (without an additional PIN) and then locking you out. go to Settings > Account and toggle Registration lock To ensure that you are not attacked in this way.
