ACCORDING to the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA), Russian-linked phishing campaigns are targeting users of Signal and WhatsApp to hijack messaging accounts. The PSA notes that thousands of compromised accounts have been observed worldwide as the same tactics expand into a broader campaign, aiming at senior officials, military personnel, civil servants, and journalists.
The attackers do not break end‑to‑end encryption; instead they rely on social engineering to add a device and eavesdrop on accounts. Dutch intelligence services AIVD and MIVD had previously described how state-backed actors posed as “Signal Support” or “Signal Security Bot” to reach high‑value targets, a pattern now seen in these global campaigns.
The article also outlines practical steps to protect accounts, such as treating unsolicited messages from “Support” as suspicious and using extra security features like registration locks and device-change alerts.