Find notable cyber news and cases, enriched with sources, timelines, and signals.

Signal and WhatsApp anti-phishing account-hardening guidance

Defensive Guidance
First reported
Last updated
Happening score
H score 26
2 unique sources, 2 articles

Summary

Hide ▲

A UK National Cyber Security Centre (NCSC) alert on March 31 warned that Russia-based actors are increasing targeted attacks against high-risk individuals using WhatsApp, Facebook Messenger and Signal. The activity relies on malicious links and QR codes, credential theft, and social engineering to compromise messaging apps and related accounts, with similar activity previously attributed to APT31 and IRGC-linked hackers.

Related Happenings

Meta For Business Facebook Messenger fake-verification phishing campaign

Campaign
H score29 First: 07.07.2026 10:00 Last: 07.07.2026 10:00 Sources 1

About this happening: A **phishing campaign** abused **Facebook Messenger chatbots** and fake verification lures to steal **Meta For Business** credentials and sensitive identity data, creating account...

Russian intelligence Signal recovery-key phishing campaign

Campaign
H score29 First: 29.06.2026 11:15 Last: 29.06.2026 11:15 Sources 1

About this happening: An active **Russian intelligence** phishing campaign is impersonating **Signal** support to steal **Backup Recovery Keys**, **verification codes**, and **account PINs**, putting *...

Russian intelligence services fake support SMS messaging-account phishing campaign

Campaign
H score29 First: 27.06.2026 20:27 Last: 27.06.2026 20:27 Sources 1

About this happening: A **long-running phishing campaign** by **Russian intelligence services** is stealing **messaging-account credentials** from officials, military personnel, politicians, and activi...

Signal Backup Recovery Key phishing mitigation

Advisory/Mitigation
H score25 First: 27.06.2026 01:06 Last: 27.06.2026 01:06 Sources 1

About this happening: The **FBI** and **CISA** updated mitigation guidance for **Signal users** after a phishing operation began targeting **Backup Recovery Keys**, which can expose **historical messag...

Non-email threat-detection confidence gap across collaboration channels

Trend
H score25 First: 19.06.2026 12:00 Last: 19.06.2026 12:00 Sources 1

About this happening: A survey found a broad **non-email threat-detection gap** across **Slack**, **Microsoft Teams**, and social channels, increasing exposure as attackers move beyond **email**. At **...

Timeline

  1. 21.03.2026 15:17 3 articles · 3mo ago

    CISA and FBI issue Signal and WhatsApp anti-phishing guidance

    Mitigation Patch Update

    CISA and the FBI advised users of commercial messaging apps such as Signal and WhatsApp to treat unsolicited requests for SMS codes, verification PINs, links, and QR-code scans as phishing attempts, because actors posing as trusted support accounts can recover or link accounts and then view messages, send messages as the victim, and launch secondary phishing from a trusted identity.

    Show sources