Governments are warning about a global phishing campaign that targets Signal and WhatsApp accounts used by officials, military staff, and public servants. Attackers are using fake support chatbots and convincing messages to trick victims into sharing their account PINs. Once hackers obtain that PIN, they can access incoming messages and monitor private conversations.
Security officials say these attacks focus on people who handle sensitive information, including government workers and military personnel. Hackers usually approach targets through messages that look like legitimate support requests, then ask for verification details that give them access to the account.
According to Dutch intelligence agencies, the campaign links to Russian state hackers and already affects government employees.
“Russian state hackers are engaged in a large-scale global cyber campaign to gain access to Signal and WhatsApp accounts belonging to dignitaries, military personnel and civil servants.”
Authorities warn that journalists and other individuals of interest to Russia also face possible targeting, which raises wider concerns about secure communication platforms.
How the phishing attacks work
Hackers impersonate support chatbots or service staff and ask targets to confirm their Signal or WhatsApp PINs. Victims often believe the request comes from legitimate support teams because attackers copy official language and branding.
Security agencies advise users to never share account PINs or security codes, and always verify any request that asks for login or verification details.
