Signal has long been considered one of the most secure messaging apps in the world. Millions of users rely on it for private conversations, encrypted messages, and secure communication.
However, cybersecurity experts are now warning about a new phishing campaign that targets Signal users by attempting to steal their backup recovery keys.
The attack is designed to trick users into handing over access to their encrypted chat backups, potentially exposing private messages, photos, and important documents.
How the New Scam Works
According to security researchers, hackers are sending fake messages that appear to come from Signal’s support team.
The message claims that a user’s backup data is at risk because of a synchronization issue. Users are then told they need to verify their account or share a recovery key to avoid losing access to their chats.
At first glance, the message appears legitimate.
However, experts confirm that the message is a phishing attempt designed to steal sensitive account information.
Signal has made it clear that the company will never ask users for their recovery key, registration code, or account PIN through chat messages.
Why Hackers Want Recovery Keys
Last year, Signal introduced Secure Backups, a feature that allows users to store encrypted backups of their conversations.
To restore these backups on a new device, users receive a unique recovery key.
This recovery key is critical because it is the only way to unlock the encrypted backup archive.
Without the key, nobody, including Signal itself, can access the stored data.
If a hacker successfully obtains a recovery key and gains access to the account, they may be able to restore older conversations, files, and media stored in the backup.
Who Is Being Targeted?
Initial reports suggested that activists and individuals involved in sensitive political discussions were among the first targets.
However, cybersecurity experts now believe the campaign may be affecting a wider range of users.
Researchers have identified similar phishing attempts targeting people from different backgrounds, suggesting that the attackers are expanding their efforts beyond a single group.
This means that any Signal user should remain cautious.
Signal Responds to the Threat
Signal has acknowledged the phishing campaign and says it is actively monitoring the situation.
The company also reminded users of several important security rules:
- Signal will never start a conversation asking for account credentials.
- Signal will never request your recovery key.
- Signal will never ask for your PIN.
- Signal will never request your registration code.
Any message requesting this information should be treated as suspicious and ignored immediately.
Why This Attack Is Different
Previous attacks against Signal users often focused on hijacking phone numbers or taking over accounts.
This latest campaign is more concerning because it targets encrypted backups.
Instead of simply gaining access to a current account, attackers are attempting to access stored conversations and historical data.
For privacy-conscious users, this could represent a much greater risk.
How to Protect Your Signal Account
Cybersecurity experts recommend several simple steps to stay safe:
- Never Share Your Recovery Key: Your recovery key should remain private at all times.
- Enable Registration Lock: This extra security feature helps prevent unauthorized account transfers.
- Use a Password Manager: Store important security credentials in a trusted password manager.
- Verify Messages Carefully: Always double-check unexpected messages, especially those claiming to be from support teams.
- Keep Your App Updated: Installing the latest updates helps protect against newly discovered threats.
The Growing Threat of Phishing Attacks
Phishing remains one of the most successful cyberattack methods because it targets human trust rather than software vulnerabilities.
Instead of breaking encryption, attackers try to convince users to voluntarily hand over sensitive information.
As messaging platforms become increasingly important for personal and professional communication, these types of scams are expected to become more common.
Final Thoughts
Signal continues to be one of the most secure messaging platforms available today. However, even the strongest security systems can be undermined when attackers successfully deceive users.
The latest phishing campaign serves as an important reminder that protecting your personal data requires both strong technology and good security habits.
For Signal users, staying alert and never sharing recovery keys remains the best defense against these emerging threats.