Signal enhances anti-phishing and social engineering safeguards with in-app confirmations and warnings

First reported

12.05.2026 22:40

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

Signal introduced new in-app confirmations and warning messages to mitigate phishing and social engineering attacks targeting its users. The updates aim to introduce user friction to encourage verification before accepting external requests. Recent campaigns abused the Linked Device feature by tricking high-profile users into scanning QR codes or sharing one-time codes under the guise of account verification, enabling Russian state-sponsored actors to gain unauthorized access to accounts, chats, and contact lists.

Timeline

12.05.2026 22:40 1 articles · 2h ago

Signal rolls out anti-phishing safeguards to combat social engineering and device linking abuse
Signal introduced new in-app confirmations, warning messages, and educational tips designed to deter phishing and social engineering attacks. The features include labels for unverified contacts, explicit prompts when accepting new requests, and reminders about fraudulent 'Signal Support' messages. The changes aim to mitigate recent abuse of the Linked Device feature by threat actors, who tricked users into scanning QR codes or sharing one-time codes to gain unauthorized access.
Show sources

Signal adds security warnings for social engineering, phishing attacks — www.bleepingcomputer.com — 12.05.2026 22:40
Open in new tab

Information Snippets

Signal now displays a 'Name not verified' label under contacts initiating direct messages and a 'No groups in common' indicator to highlight lack of shared groups with the recipient.
First reported: 12.05.2026 22:40

1 source, 1 article
Show sources
- Signal adds security warnings for social engineering, phishing attacks — www.bleepingcomputer.com — 12.05.2026 22:40
When receiving a new message request, Signal prompts users to confirm acceptance while explicitly stating it will never request registration codes, PINs, or recovery keys.
First reported: 12.05.2026 22:40

1 source, 1 article
Show sources
- Signal adds security warnings for social engineering, phishing attacks — www.bleepingcomputer.com — 12.05.2026 22:40
Signal added richer safety tips within the app, including reminders that chats from 'Signal Support' are fraudulent and should not be responded to.
First reported: 12.05.2026 22:40

1 source, 1 article
Show sources
- Signal adds security warnings for social engineering, phishing attacks — www.bleepingcomputer.com — 12.05.2026 22:40
Threat actors have leveraged social engineering to trick users into abusing the Linked Device feature, allowing device linking and full account access via QR code scanning or one-time code sharing.
First reported: 12.05.2026 22:40

1 source, 1 article
Show sources
- Signal adds security warnings for social engineering, phishing attacks — www.bleepingcomputer.com — 12.05.2026 22:40
Recent social engineering attacks attributed to Russian state-sponsored actors targeted high-profile users, as reported by the FBI, Dutch government, and German authorities.
First reported: 12.05.2026 22:40

1 source, 1 article
Show sources
- Signal adds security warnings for social engineering, phishing attacks — www.bleepingcomputer.com — 12.05.2026 22:40

Summary

Timeline

Signal rolls out anti-phishing safeguards to combat social engineering and device linking abuse

Information Snippets