FBI Warns of Phishing Attacks Targeting Signal Users

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a warning regarding a new phishing campaign targeting users of the messaging app Signal. These attacks are linked to Russian intelligence services and aim to steal users' backup recovery keys. With these keys, attackers can access historical messages stored in the app. The phishing attacks utilize fake emails and messages that appear to come from Signal itself. Users are prompted to enter their recovery keys to supposedly resolve security issues.

This tactic is particularly dangerous as it exploits users' trust in the platform. Signal is known for its end-to-end encryption, which is intended to protect users' privacy. However, the theft of backup recovery keys could undermine the security of this encryption by allowing attackers access to old messages. This could have serious implications for users' privacy, especially for journalists and activists who rely on the security of their communications. Authorities advise users to be especially cautious and not to share sensitive information over insecure channels.

Users should also ensure that they download the official Signal app from trusted sources and regularly check for updates. Ignoring suspicious messages and verifying the sender's address are also important steps to avoid phishing attacks. In addition to phishing attacks, authorities warn of other cyber threats posed by Russian hackers. These threats also include ransomware attacks and intrusions into corporate networks. CISA has published a list of best practices to help organizations and individuals improve their cybersecurity.

The current warning follows a series of similar attacks that have increased in recent months. Experts emphasize that the threat from state-sponsored hacker groups remains high. The attacks target not only individuals but also businesses and critical infrastructures. The security situation is exacerbated by the growing reliance on digital communication tools. Users should be aware of the risks and take proactive measures to protect their data.

Authorities recommend enabling multi-factor authentication wherever possible to further enhance security. The FBI warning highlights that the threat of cybercrime must be taken seriously. The agency has previously warned of similar attacks and stressed that users should remain vigilant. CISA has also emphasized that collaboration between government agencies and the private sector is crucial to effectively combat cyber threats. The security gap created by the theft of backup recovery keys could have far-reaching consequences.

Signal users should be aware that their data may be at risk if they do not take the necessary precautions. Authorities advise regularly reviewing security policies and staying informed about current threats. The warning was issued on June 27, 2026, and is part of a broader strategy to combat cybercrime. CISA and the FBI are working closely together to inform the public about the latest threats and recommend appropriate measures.