Signal and WhatsApp anti-phishing account-hardening guidance
Defensive Guidance
Summary
Hide ▲
Show ▼
A UK National Cyber Security Centre (NCSC) alert on March 31 warned that Russia-based actors are increasing targeted attacks against high-risk individuals using WhatsApp, Facebook Messenger and Signal. The activity relies on malicious links and QR codes, credential theft, and social engineering to compromise messaging apps and related accounts, with similar activity previously attributed to APT31 and IRGC-linked hackers.
Related Happenings
Meta For Business Facebook Messenger fake-verification phishing campaign
Campaign
H score29
First: 07.07.2026 10:00
Last: 07.07.2026 10:00
Sources 1
About this happening:
A **phishing campaign** abused **Facebook Messenger chatbots** and fake verification lures to steal **Meta For Business** credentials and sensitive identity data, creating account...
Meta For Business Facebook Messenger fake-verification phishing campaign
CampaignAbout this happening: A **phishing campaign** abused **Facebook Messenger chatbots** and fake verification lures to steal **Meta For Business** credentials and sensitive identity data, creating account...
Russian intelligence Signal recovery-key phishing campaign
Campaign
H score29
First: 29.06.2026 11:15
Last: 29.06.2026 11:15
Sources 1
About this happening:
An active **Russian intelligence** phishing campaign is impersonating **Signal** support to steal **Backup Recovery Keys**, **verification codes**, and **account PINs**, putting *...
Russian intelligence Signal recovery-key phishing campaign
CampaignAbout this happening: An active **Russian intelligence** phishing campaign is impersonating **Signal** support to steal **Backup Recovery Keys**, **verification codes**, and **account PINs**, putting *...
Russian intelligence services fake support SMS messaging-account phishing campaign
Campaign
H score29
First: 27.06.2026 20:27
Last: 27.06.2026 20:27
Sources 1
About this happening:
A **long-running phishing campaign** by **Russian intelligence services** is stealing **messaging-account credentials** from officials, military personnel, politicians, and activi...
Russian intelligence services fake support SMS messaging-account phishing campaign
CampaignAbout this happening: A **long-running phishing campaign** by **Russian intelligence services** is stealing **messaging-account credentials** from officials, military personnel, politicians, and activi...
Signal Backup Recovery Key phishing mitigation
Advisory/Mitigation
H score25
First: 27.06.2026 01:06
Last: 27.06.2026 01:06
Sources 1
About this happening:
The **FBI** and **CISA** updated mitigation guidance for **Signal users** after a phishing operation began targeting **Backup Recovery Keys**, which can expose **historical messag...
Signal Backup Recovery Key phishing mitigation
Advisory/MitigationAbout this happening: The **FBI** and **CISA** updated mitigation guidance for **Signal users** after a phishing operation began targeting **Backup Recovery Keys**, which can expose **historical messag...
Non-email threat-detection confidence gap across collaboration channels
Trend
H score25
First: 19.06.2026 12:00
Last: 19.06.2026 12:00
Sources 1
About this happening:
A survey found a broad **non-email threat-detection gap** across **Slack**, **Microsoft Teams**, and social channels, increasing exposure as attackers move beyond **email**. At **...
Non-email threat-detection confidence gap across collaboration channels
TrendAbout this happening: A survey found a broad **non-email threat-detection gap** across **Slack**, **Microsoft Teams**, and social channels, increasing exposure as attackers move beyond **email**. At **...
Timeline
-
21.03.2026 15:17 3 articles · 3mo ago
CISA and FBI issue Signal and WhatsApp anti-phishing guidance
Mitigation Patch UpdateCISA and the FBI advised users of commercial messaging apps such as Signal and WhatsApp to treat unsolicited requests for SMS codes, verification PINs, links, and QR-code scans as phishing attempts, because actors posing as trusted support accounts can recover or link accounts and then view messages, send messages as the victim, and launch secondary phishing from a trusted identity.
Show sources
- FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks — thehackernews.com — 21.03.2026 15:17
- FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks — thehackernews.com — 21.03.2026 15:17
- NCSC Issues Security Alert Over Hackers Targeting WhatsApp and Signal Accounts — www.infosecurity-magazine.com — 02.04.2026 17:15