There has been an increase in phishing attacks targeting Signal users recently. The provider has now commented on what is going on.
Both the Federal Office for the Protection of the Constitution (BfV) and the Federal Office for Information Security (BSI) have warned about the targeted campaign. There were numerous social manipulation messages sent to lure unsuspecting people into a trap.
Now there is also a statement from the signal makers.
This is what the signal makers say about phishing attacks
Phishing attacks on the supposedly secure messenger: That could be it Damage user trust in the app. However, on various social media such as Bluesky, the makers of Signal said very clearly:
“Signal’s encryption and infrastructure have not been compromised and remain robust.”
So you don’t have to worry about that signal is now fundamentally uncertain. The app remains the best choice for anyone who values data protection and privacy. At the same time, the developers take the attacks very seriously.
These are with sophisticated phishing methods carried out to encourage users to release sensitive information – such as SMS codes or Signal PINs.
This allowed the fraudsters to gain access to the Signal accounts of those affected. So it’s primarily about “social engineering”, where Signal support supposedly writes to you. A typical message looks something like this:
The makers of Signal give all users clear instructions on how to recognize something like this as a phishing attack:
- You need the SMS code to verify your Signal account only when you log in for the first time in the app. After that, this will never be necessary again!
- Never share with others the SMS code or Signal PIN, because not even Signal employees would ever ask for it!
- Signal never contacts you via in-app messages, SMS, or social media. The alleged one “Signal Support Bot” does not exist.
While Signal takes robust technical security precautions “User vigilance is ultimately the best protection against phishing.” They want to continue working on minimizing these risks through the design of the user interface and through information throughout the app.
About the Author
