entity[“company”,”Signal”,”Encrypted messaging platform”] users are facing a growing wave of cyberattacks as hackers attempt to steal encrypteSignalupport messages.
Cybercriminals reportedly contact users while pretending to represent Signal’s support team. In many cases, the attackers warn victims that their saved data could disappear because of technical issues. They then ask users to share their recovery key, a private code used to restore encrypted backups.
Security experts say these scams have already affected users in several countries and mainly target sensitive information stored in backup systems, including private messages, photos, and confidential documents.
Signal Warns Users Against Sharing Recovery Keys
Signal has publicly warned users that its support team never asks for passwords, recovery keys, or private security credentials through messages or emails.
The company advised users to ignore suspicious communication claiming to come from “Signal Support” and to report phishing attempts immediately.
The attacks focus on Signal’s Secure Backups feature, introduced last year to improve data protection and account recovery. The system uses end-to-end encryption combined with a personal recovery key that only the user controls.
Under this setup, even Signal cannot access stored conversations or files without the recovery credentials.
Social Engineering Replaces Traditional Hacking Methods
Unlike older attacks that mainly focused on stealing user accounts, these newer scams aim to capture complete backup archives containing years of personal conversations and media files.
Cybersecurity analysts say hackers increasingly rely on social engineering tactics instead of attempting to break advanced encryption systems directly.
As encrypted messaging apps continue to strengthen their security infrastructure, attackers now focus more on manipulating users into revealing sensitive information voluntarily.
Growing Concerns Around Digital Privacy
The incident highlights the growing cybersecurity risks facing users of encrypted communication platforms worldwide.
Experts recommend that users never share recovery keys with anyone, verify communications through official channels, and activate additional security protections where available.
The rise in phishing attacks also shows that even the strongest encryption systems remain vulnerable when attackers successfully exploit human trust and urgency.
Technology companies are expected to continue investing heavily in user education, phishing detection, and advanced security tools to reduce these risks in the future.
MORE STORIES:
Rising Popularity of Short Videos
Securing AI Agents: A Car-Driving Analogy for Governance
Mark Zuckerberg Develops AI Agent to Transform Meta’s Operations
Google Expands Quantum Computing Research with Neutral Atom Technology
Meta Shifts Strategy Toward AI Investment
OpenAI CEO Addresses Attack and Public Criticism
Nvidia Unveils Self-Driving Car Tech as AI Expansion Accelerates
AI Tutors Reshape the Future of Education
Rwandan government employees using AI to complete training tests
AI prompting strategies: Do polite words improve chatbot accuracy?