Russia is carrying out a large-scale global phishing campaign targeting users of encrypted messaging platforms Signal and WhatsApp, according to Dutch intelligence agencies.
The warning comes amid growing concerns over cyberattacks aimed at compromising communications used by government officials, journalists and other high-profile individuals.
The Dutch agencies said hackers linked to Russian intelligence are attempting to take control of messaging accounts by using phishing tactics.
NBC News reported that, in many cases, attackers pose as official support accounts using names such as “Signal Support” to trick users into revealing login details that allow access to their accounts.
According to the news outlet, Russia’s Ministry of Foreign Affairs did not respond to requests for comment.
Investigators said the campaign has already compromised the communications of some Dutch government employees.
NBC News stated that authorities warned that other potential targets may include journalists and individuals considered of interest to the Russian government.
Signal, widely regarded as one of the most secure messaging platforms due to its end-to-end encryption, has become an essential communication tool in sensitive environments.
The app has been widely used by Ukrainian military personnel during the ongoing war with Russia.
The platform also drew international attention last year after a group of senior U.S. officials mistakenly added a journalist to a private Signal group chat in which they were discussing military strikes in Yemen.
In a statement posted on the social media platform X, Signal acknowledged reports of targeted phishing attacks that have resulted in account takeovers involving some users, including government officials and journalists.
However, the company stressed that its core systems remain secure.
“Signal’s encryption and infrastructure have not been compromised and remain robust,” the company said.
Signal explained that the attacks rely on sophisticated phishing techniques designed to manipulate users into sharing sensitive information such as SMS verification codes or Signal PINs.
Once attackers obtain these details, they can gain control of the user’s account.
According to the company, attackers often impersonate trusted contacts or services, including a fictitious “Signal Support Bot,” to convince victims to disclose their login credentials.
Signal warned that its support team will never contact users through in-app messages, SMS or social media to request verification codes or PINs. The company said such requests should be treated as scams.
“Your Signal SMS verification code is only needed when you
are first signing up for the app,” the company said.
While the platform continues to strengthen technical safeguards, Signal said user awareness remains the most effective defence against phishing attacks.
Comments 0
Sign in to join the conversation
Sign In Create AccountNo comments yet. Be the first to share your thoughts!