German security agencies have issued an urgent public warning about a new wave of phishing attacks targeting users of encrypted messaging services such as Signal — and potentially WhatsApp and other platforms.

The advisory was jointly published by Germany’s Federal Office for the Protection of the Constitution (BfV) and the Federal Office for Information Security (BSI), highlighting an ongoing campaign designed to hijack messaging accounts without exploiting any software vulnerabilities.

Phishing, Not a Signal Vulnerability

According to the official security notice, the attacks do not rely on flaws in Signal’s encryption or codebase. Instead, attackers use social engineering techniques to trick users into handing over sensitive account details.

Victims are contacted by impersonators posing as trusted contacts or official support representatives and are persuaded to share verification codes, PINs, or to scan QR codes that secretly link an attacker-controlled device to the victim’s account.

How Signal Accounts Can Be Taken Over

Signal allows users to protect their accounts with a Signal PIN , which is designed to prevent unauthorized re-registration.

However, if an attacker convinces a user to reveal this PIN or approve a device pairing, they can abuse Signal’s Linked Devices feature to gain ongoing access to conversations — even without the victim noticing immediately.

WhatsApp Users Face Similar Risks

German authorities also warned that similar phishing techniques may be used against other messaging platforms, including WhatsApp.

WhatsApp allows accounts to be accessed across multiple devices using its linked devices feature , which can be abused if users are tricked into approving a malicious login.

To mitigate this risk, WhatsApp strongly recommends enabling two-step verification , which adds a PIN requirement before account changes can be made.

Who Is Being Targeted?

The campaign primarily targets politicians, journalists, military personnel, and government officials — individuals who rely heavily on encrypted messaging for sensitive communications.

German authorities believe the attacks are likely linked to state-aligned threat actors conducting espionage operations rather than ordinary cybercrime.

Part of a Broader Security Environment

The warning aligns with broader European threat assessments. Norway’s security service, PST, has repeatedly stated that the current threat environment is among the most serious in decades.

In its latest daily threat assessment , PST highlights espionage, cyber operations, and influence campaigns as persistent risks facing democratic societies.

What Users Should Do Now

Security agencies stress that messaging apps themselves remain secure when used correctly — but user awareness is critical.

Users are advised to never share verification codes or PINs, carefully review linked devices, and enable all available account protection features.

Sources & References

This article was written by DigitalEscapeTools based on official government advisories and verified platform documentation.