Suspected Russia-linked Signal phishing campaign targeting political accounts
Campaign
Summary
Hide ▲
Show ▼
A suspected Russia-linked phishing campaign on Signal compromised about 300 political-sphere accounts, exposing chats, ongoing conversations, and address books. Victims were lured by a fake Signal security chatbot that urged immediate action on supposed suspicious account activity. The lure led some users to enter a PIN or scan a QR code, linking their accounts to attacker-controlled devices and widening access to private messaging data.
Related Happenings
Signal adds in-app phishing confirmations and warning messages
Security Tool/Service
First: 12.05.2026 22:40
Last: 12.05.2026 22:40
Sources 1
How related:
Signal has introduced new in-app confirmations and warning messages as additional safeguards against phishing and social engineering attempts that could lead to various forms of fraud.
About this happening:
**Signal** added **in-app confirmations** and **warning messages** to slow phishing and social-engineering attempts that could expose **accounts**, **chats**, and **contacts**. Th...
Signal adds in-app phishing confirmations and warning messages
Security Tool/ServiceHow related: Signal has introduced new in-app confirmations and warning messages as additional safeguards against phishing and social engineering attempts that could lead to various forms of fraud.
About this happening: **Signal** added **in-app confirmations** and **warning messages** to slow phishing and social-engineering attempts that could expose **accounts**, **chats**, and **contacts**. Th...
BfV and BSI public warning on Signal phishing
Public Sector Action
First: 28.04.2026 13:54
Last: 28.04.2026 13:54
Sources 1
How related:
In February, Germany’s domestic intelligence service BfV and the federal cybersecurity authority BSI had issued a public warning about such a phishing campaign, saying it was “likely being carried out by a state-controlled cyber actor.”
About this happening:
Germany’s **BfV** and **BSI** issued a public warning about a **Signal phishing campaign**, flagging a likely **state-controlled cyber actor** and the risk to **politicians** and...
BfV and BSI public warning on Signal phishing
Public Sector ActionHow related: In February, Germany’s domestic intelligence service BfV and the federal cybersecurity authority BSI had issued a public warning about such a phishing campaign, saying it was “likely being carried out by a state-controlled cyber actor.”
About this happening: Germany’s **BfV** and **BSI** issued a public warning about a **Signal phishing campaign**, flagging a likely **state-controlled cyber actor** and the risk to **politicians** and...
Scattered Spider 2022 SMS phishing campaign targeting technology companies
Campaign
First: 21.04.2026 17:53
Last: 21.04.2026 17:53
Sources 1
About this happening:
Tyler Robert Buchanan’s guilty plea newly confirms **Scattered Spider**’s **2022 SMS phishing campaign**, showing it reached **at least a dozen major technology companies** and en...
Scattered Spider 2022 SMS phishing campaign targeting technology companies
CampaignAbout this happening: Tyler Robert Buchanan’s guilty plea newly confirms **Scattered Spider**’s **2022 SMS phishing campaign**, showing it reached **at least a dozen major technology companies** and en...
Scattered Spider SMS phishing and SIM-swap crypto theft campaign
Campaign
First: 20.04.2026 16:33
Last: 20.04.2026 16:33
Sources 1
About this happening:
The **Scattered Spider** campaign used **SMS phishing** and **SIM swap** attacks to steal employee credentials, hijack phone numbers, and take over email and **virtual currency wa...
Scattered Spider SMS phishing and SIM-swap crypto theft campaign
CampaignAbout this happening: The **Scattered Spider** campaign used **SMS phishing** and **SIM swap** attacks to steal employee credentials, hijack phone numbers, and take over email and **virtual currency wa...
Approval phishing crypto wallet fraud campaign
Campaign
First: 13.04.2026 11:00
Last: 13.04.2026 11:00
Sources 1
About this happening:
**Approval phishing** fraud networks were identified at scale, with **more than 20,000 victims** and at least **$33m** in additional stolen crypto tied to the operation. The fraud...
Approval phishing crypto wallet fraud campaign
CampaignAbout this happening: **Approval phishing** fraud networks were identified at scale, with **more than 20,000 victims** and at least **$33m** in additional stolen crypto tied to the operation. The fraud...
Timeline
-
12.05.2026 22:40 1 articles · 14d ago
Signal adds anti-phishing confirmations and warnings
Mitigation Patch UpdateSignal introduced new in-app confirmations, warning messages, and educational prompts to help users resist phishing and social engineering attempts, including bogus Signal Support lures and requests to scan QR codes or share registration codes, PINs, or recovery keys.
Show sources
- Signal adds security warnings for social engineering, phishing attacks — www.bleepingcomputer.com — 12.05.2026 22:40
-
28.04.2026 13:54 1 articles · 29d ago
Germany discloses suspected Russia-linked Signal phishing campaign
Initial DisclosureGerman officials said Russia is suspected of backing phishing attacks on Signal that targeted high-ranking politicians, including two government ministers, as well as military personnel and journalists. Der Spiegel reported that about 300 Signal accounts in the political sphere were compromised after victims were tricked by a fake Signal security chatbot into entering a PIN or scanning a QR code, which linked their accounts to attacker-controlled devices and exposed past chats, ongoing conversations and stored contact data.
Show sources
- Germany Suspects Russia Is Behind Signal Phishing That Targeted Top Officials — www.securityweek.com — 28.04.2026 13:54