BfV and BSI public warning on Signal phishing
Public Sector Action
Summary
Hide ▲
Show ▼
Germany’s BfV and BSI issued a public warning about a Signal phishing campaign, flagging a likely state-controlled cyber actor and the risk to politicians and other politically exposed users. The warning mattered because the lure could let attackers bind a victim’s Signal account to an external device and read private communications. German authorities also personally contacted some politicians to warn that the phishing attempt may have reached them.
Related Happenings
Suspected Russia-linked Signal phishing campaign targeting political accounts
Campaign
First: 28.04.2026 13:54
Last: 28.04.2026 13:54
Sources 1
How related:
According to Der Spiegel, the targeted users received messages from a fake Signal security chatbot that informed them of suspicious activity on their accounts and asked them to take immediate action. If the user followed the instructions, including entering a PIN or scanning a QR code, their Signal accounts were linked to an external device controlled by the hackers.
About this happening:
A **suspected Russia-linked** phishing campaign on **Signal** compromised about **300 political-sphere accounts**, exposing chats, ongoing conversations, and address books. Victim...
Suspected Russia-linked Signal phishing campaign targeting political accounts
CampaignHow related: According to Der Spiegel, the targeted users received messages from a fake Signal security chatbot that informed them of suspicious activity on their accounts and asked them to take immediate action. If the user followed the instructions, including entering a PIN or scanning a QR code, their Signal accounts were linked to an external device controlled by the hackers.
About this happening: A **suspected Russia-linked** phishing campaign on **Signal** compromised about **300 political-sphere accounts**, exposing chats, ongoing conversations, and address books. Victim...
Latest development: 12.05.2026 22:40
Signal introduced new in-app confirmations, warning messages, and educational prompts to help users resist phishing and social engineering attempts, including bogus Signal Support lures and requests to scan QR codes or share registration codes, PINs, or recovery keys.
NCSC alert on messaging-app targeting of high-risk individuals
Public Sector Action
First: 02.04.2026 17:15
Last: 02.04.2026 17:15
Sources 1
About this happening:
The **UK National Cyber Security Centre (NCSC)** issued a **March 31 alert** warning that **Russia-based actors** were targeting **high-risk individuals** through messaging apps,...
NCSC alert on messaging-app targeting of high-risk individuals
Public Sector ActionAbout this happening: The **UK National Cyber Security Centre (NCSC)** issued a **March 31 alert** warning that **Russia-based actors** were targeting **high-risk individuals** through messaging apps,...
WhatsApp anti-scam protections now warn on fraudulent device-linking requests
Security Tool/Service
First: 26.03.2026 16:06
Last: 26.03.2026 16:06
Sources 1
About this happening:
**WhatsApp** rolled out **anti-scam protections** that warn users when **device-linking requests** look suspicious, adding a new user-facing control against **fraudulent account-l...
WhatsApp anti-scam protections now warn on fraudulent device-linking requests
Security Tool/ServiceAbout this happening: **WhatsApp** rolled out **anti-scam protections** that warn users when **device-linking requests** look suspicious, adding a new user-facing control against **fraudulent account-l...
Signal and WhatsApp anti-phishing account-hardening guidance
Defensive Guidance
First: 21.03.2026 15:17
Last: 21.03.2026 15:17
Sources 1
About this happening:
A **UK National Cyber Security Centre (NCSC)** alert on **March 31** warned that **Russia-based actors** are increasing **targeted attacks** against **high-risk individuals** usin...
Signal and WhatsApp anti-phishing account-hardening guidance
Defensive GuidanceAbout this happening: A **UK National Cyber Security Centre (NCSC)** alert on **March 31** warned that **Russia-based actors** are increasing **targeted attacks** against **high-risk individuals** usin...
FBI public warning on Signal and WhatsApp phishing
Public Sector Action
First: 20.03.2026 22:45
Last: 20.03.2026 22:45
Sources 1
About this happening:
The **FBI** issued a **public service announcement** warning that **Signal** and **WhatsApp** users are being targeted in **phishing campaigns**. The warning says the activity has...
FBI public warning on Signal and WhatsApp phishing
Public Sector ActionAbout this happening: The **FBI** issued a **public service announcement** warning that **Signal** and **WhatsApp** users are being targeted in **phishing campaigns**. The warning says the activity has...
Timeline
-
28.04.2026 13:54 2 articles · 29d ago
BfV and BSI public warning on Signal phishing
Initial DisclosureIn **February 2026**, **BfV** and **BSI** issued an early warning after a **Signal phishing campaign** began reaching politically exposed users. The action included direct outreach to some politicians and highlighted the risk of account linkage to an attacker-controlled device.
Show sources
- Germany Suspects Russia Is Behind Signal Phishing That Targeted Top Officials — www.securityweek.com — 28.04.2026 13:54
- Germany Suspects Russia Is Behind Signal Phishing That Targeted Top Officials — www.securityweek.com — 28.04.2026 13:54