How to mitigate phishing threats from malicious actors looking to infiltrate using mass-adoption messaging platforms.
The Federal Office for the Protection of the Constitution (BfV) and the Federal Office for Information Security (BSI) in Germany have issued an advisory about a phishing campaign using the messaging platform Signal. The statement, highlighted by The Hacker News, says that this highly targeted, likely state-sponsored attack is aimed at military personnel, investigative journalists and politicians.
The phishing attack doesn’t use any malicious code; it simply exploits an inherent weakness (intended to keep things simple for users) within the messaging platform – namely, that anyone can set up an account with just a device and a phone number.
The attacker, pretending to be ‘Signal Support’ or a chatbot called ‘Signal Security ChatBot’, attempts to trick the victim into providing a PIN or verification code. Should they fall for the trick, the attacker can register the account and access the victim’s profile, settings and contacts. The victim is now locked out of their own account, but the attacker’s false ‘support’ persona encourages them to set up a new account. Meanwhile, the attacker can now see all communications on the victim’s account (although not previous communications, because they are using a different device) and can send messages to the victim’s contacts. In this way the attacker can extract extremely sensitive information, not just from the victim, but from any of the group chats that the victim is party to.
There is a similar attack sequence that exploits a feature of Signal (or WhatsApp and similar platforms) that we have written about before, where the victim is tricked into scanning a malicious QR code. Read more here: https://www.armourcomms.com/2025/03/11/beware-malicious-qr-codes-when-using-whatsapp-and-signal/
How Armour mitigates this risk
A secure communications platform, such as Armour, mitigates this type of attack because it is completely within the control of the organisation and only those invited by an administrator can join. In addition, identity-based encryption and authentication (NCSC’s MIKEY-SAKKE protocol) further ensures that participants in a voice call, instant messaging chat or video conference can be confident that they know who they are communicating with.
The Armour Secure Communications platform is already widely used across governments, defence organisations, and enterprises around the world. For more information about what you should be looking for in a Secure Communications solution, download our Buyer’s Guide: https://www.armourcomms.com/2023/06/29/securing-communications-channels-a-buyers-guide/