Signal adds security warnings for social engineering, phishing attacks

Home News Security Signal adds security warnings for social engineering, phishing attacks

By Bill Toulas

May 12, 2026

03:40 PM

Signal has introduced new in-app confirmations and warning messages as additional safeguards against phishing and social engineering attempts that could lead to various forms of fraud.

The purpose is to introduce enough friction that users get the time to evaluate the safety of an external request.

Recently, there have been attacks targeting high-profile users with bogus ‘Signal Support’ alerts, as highlighted by the FBI, the Dutch government, and the German authorities.

All incidents were attributed to Russian state-sponsored hackers, who abused the Linked Device feature to gain access to the target’s account, chats, and contacts lists.

The attack works by convincing the victim to scan a QR code or share one-time codes, supposedly as part of a verification process to protect their accounts from suspicious activity. This allows threat actors to link their device to the target account and obtain access to all the data.

“To help protect Signal users from phishing and social engineering attacks, we’ve introduced additional confirmations and educational messaging in the app to help people better detect fraudulent profiles, especially message requests from scammers posing as Signal,” the vendor explained.

The new protections are summarized as follows:

Signal will display a ‘Name not verified’ underneath contacts that establish communication via direct messages, and also a ‘No groups in common’ to highlight the lack of any association with the recipient.

When a new request arrives, Signal will prompt the user to confirm the acceptance while reminding them that it will never request their registration code, PIN, or recovery key.

Safety tips are now richer, with new entries and additional info.

Reminders to never respond to chats pretending to come from Signal Support will be pushed to users.

Signal's new phishing and social engineering protections Source: Signal

Social engineering remains one of the most effective forms of cyberattack, providing a complete bypass of existing security measures.

Users should stay on high alert for suspicious messages from unknown contacts, especially requests to scan QR codes or share verification codes.

Signal users should also check for rogue linked devices in settings and remove any they don’t recognize.

The Validation Gap: Automated Pentesting Answers One Question. You Need Six.

Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold. This guide covers the 6 surfaces you actually need to validate.

Download Now

TikTok for Business accounts targeted in new phishing campaign FBI links Signal phishing attacks to Russian intelligence services Webinar tomorrow: Why security alone won't stop modern attacks Webinar this week: Prevention alone is not enough against modern attacks Android 17 to expand banking scam call and privacy protections

Account Takeover

Messenger

Phishing

Security

Signal

Social Engineering

Bill Toulas

Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks.

Signal adds security warnings for social engineering, phishing attacks

Related Articles

Elevated error rates on requests to multiple models

Donald Trump and sons to be 'forever' exempt from tax audits

PopuLoRA: Co-Evolving LLM Populations for Reasoning Self- Play

Old Reddit Is Down

The ultimate female fantasy – A feminist critique of Beauty and the Beast