TLDR
Criminals are targeting Signal users with SMS phishing that impersonates Signal Support and tricks victims into handing over their 64 character backup recovery key. Once shared, attackers can download and decrypt the user's entire...
Como funciona
Criminals are targeting Signal users with SMS phishing that impersonates Signal Support and tricks victims into handing over their 64 character backup recovery key. Once shared, attackers can download and decrypt the user's entire...
Señales de alerta
- : Unsolicited message claiming to be from Signal Support asking for your recovery key Urgent threats of permanent data loss pressuring immediate action Instruction to paste a secret key directly into a chat conversation What to do: Never share recovery keys, PINs, SMS codes, or MFA secrets with anyone, including 'support' Open the Signal app directly, not via links in the message, to verify any warning Enable registration lock, registration PIN, and disappearing messages for extra protection
Qué hacer
- 1Red flags: Unsolicited message claiming to be from Signal Support asking for your recovery key Urgent threats of permanent data loss pressuring immediate action Instruction to paste a secret key directly into a chat conversation What to do: Never share recovery keys, PINs, SMS codes, or MFA secrets with anyone, including 'support' Open the Signal app directly, not via links in the message, to verify any warning Enable registration lock, registration PIN, and disappearing messages for extra protection
Fuente
malwarebytes
Fuente verificada por Mythos Forensic Team
https://www.malwarebytes.com/blog/news/2026/05/signal-users-targeted-in-backup-stealing-phishing-attacksFAQ
Es Phishing campaign steals Signal backup recovery keys via fake support messages una estafa real?
Si. Trata el mensaje, la llamada o la solicitud de pago como sospechosos hasta que los verifiques por un canal oficial.
Cuales son las primeras senales?
: Unsolicited message claiming to be from Signal Support asking for your recovery key Urgent threats of permanent data loss pressuring immediate action Instruction to paste a secret key directly into a chat conversation What to do: Never share recovery keys, PINs, SMS codes, or MFA secrets with anyone, including 'support' Open the Signal app directly, not via links in the message, to verify any warning Enable registration lock, registration PIN, and disappearing messages for extra protection
Que debo hacer primero?
Red flags: Unsolicited message claiming to be from Signal Support asking for your recovery key Urgent threats of permanent data loss pressuring immediate action Instruction to paste a secret key directly into a chat conversation What to do: Never share recovery keys, PINs, SMS codes, or MFA secrets with anyone, including 'support' Open the Signal app directly, not via links in the message, to verify any warning Enable registration lock, registration PIN, and disappearing messages for extra protection
Puede LegalAudit revisar mi caso?
Si. Abre el chat gratis y pega el mensaje, el enlace, el remitente o los datos de pago para un triage.