
A phishing campaign is targeting Signal users with fake messages posing as the platform’s security support, in an attempt to hijack user accounts.
The scam, highlighted by Citizen Lab researcher John Scott-Railton, mimics official Signal communication and urges users to hand over their verification codes.
The attack appears to be opportunistic and broad in scope, with attackers sending fraudulent messages that claim suspicious activity has been detected on a user's device. The message falsely instructs recipients to verify their identity by sharing their verification code, an act that would give attackers full access to their Signal account.

Scott-Railton, a senior researcher at Citizen Lab, sounded the alarm on X, warning users not to engage with the message and instead use Signal’s built-in “Report Spam & Block” function. He noted that this kind of phishing is not new but appears to be happening at an increased volume. Attackers are likely using automated tools to guess large numbers of phone numbers and send message requests en masse.

The fake message, styled as coming from a “Signal Security Support ChatBot,” attempts to create a sense of urgency by referencing data leaks and account compromise. It asks users to send their verification code, a unique number sent via SMS that Signal uses to authenticate devices. While the message tries to seem official, it contains red flags typical of phishing, such as requesting sensitive information and referring to a chatbot that doesn’t exist.
Signal, developed by the non-profit Signal Foundation, is a widely used encrypted messaging platform praised for its end-to-end encryption and privacy-first architecture. It does not use chatbots for account verification, nor does it ask users to share verification codes via message. In fact, Signal explicitly states that no employee will ever ask for such information.
We reached out to Signal for comment on the scope and potential impact of this phishing campaign, but did not receive a response by the time of publication.
Signal users are advised to remain cautious when receiving unexpected message requests. A quick profile check can help differentiate between legitimate contacts and impersonators. Signal’s official account is clearly marked and easily distinguishable from fake ones.