<ciso brief />

All news with #whaling tag

4 articles

Authorities Warn of Signal Hijacks Targeting German Officials

🔐 German security agencies warn of an active campaign targeting high‑ranking politicians, soldiers, diplomats and journalists by seizing their Signal accounts. Attackers impersonate support teams to request secret PINs or trick users into approving device pairing via QR codes, then move the account to a number they control. No malware or software vulnerabilities are involved; the campaign relies on social engineering. Authorities note similar methods could be used against WhatsApp, and stress that official support will never request PINs via message.

German Agencies Warn of Signal Phishing Targeting Elites

🔒 Germany's Federal Office for the Protection of the Constitution (BfV) and the Federal Office for Information Security (BSI) have issued a joint advisory about a likely state‑sponsored phishing campaign that abuses Signal's legitimate features to seize accounts. Threat actors impersonate "Signal Support" or a "Signal Security ChatBot" to solicit SMS PINs or trick victims into scanning QR codes, enabling account registration on attacker‑controlled devices or silent device linking. Authorities recommend enabling Registration Lock, avoiding sharing verification codes, and routinely reviewing linked devices; the same methods can be applied to WhatsApp.

Germany warns of Signal account hijacking targeting VIPs

⚠️ Germany's domestic intelligence agencies warn of suspected state-backed campaigns that hijack messaging accounts on Signal to target politicians, military officers, diplomats, and journalists. The attacks use social engineering rather than malware, abusing legitimate features such as QR-code pairing and SMS/PIN verification. Two variants are reported: a full account takeover and a silent device pairing that monitors chats and contacts. Authorities advise blocking/reporting support-like messages, enabling Registration Lock, and routinely checking linked devices.

Whaling attacks against executives: risks and mitigation

🎯 Whaling attacks are highly targeted social engineering campaigns aimed at senior executives that combine reconnaissance, spoofing, and urgency to trick leaders into divulging credentials, approving transfers, or executing malware-laden actions. Threat actors exploit executives’ visibility, limited time, and privileged access, and increasingly leverage generative AI and deepfakes to scale and refine impersonations. Key defenses include personalised executive simulations, strict multi-party approval flows for high-value transfers, AI-enhanced email filtering, deepfake detection, and a Zero Trust approach to access.