CISA and the FBI warn of a phishing campaign by actors linked to Russian Intelligence Services that targets users of commercial messaging apps to bypass end-to-end encryption by compromising accounts through social engineering. Thousands of accounts—including Signal users and high-profile targets such as government officials, military personnel, and journalists—have been compromised, enabling attackers to read messages, access contacts, impersonate victims, and spread further phishing. #RussianIntelligenceServices #Signal
Keypoints
- The campaign targets users, not software, using social engineering to impersonate official support accounts.
- Attackers request verification codes, recovery actions, or prompt clicks on malicious links to take over accounts.
- Compromised accounts let attackers read private messages, access contact lists, and send messages as the victim.
- CISA and the FBI report thousands of global compromises, including high-profile individuals and platforms like Signal.
- Users should pause before responding, avoid unknown messages, check links, enable built-in security features, and report incidents.
Read More: https://thecyberexpress.com/phishing-campaign-targeting-messaging-apps/