← Back
NCSC warns of messaging app targeting
Policy
Security
Technology
Strategy
International
🛡️
CVE Intelligence
Loading CVE data...
NCSC warns of messaging app targeting
Alongside international partners, the NCSC has issued actions for individuals at risk of targeted attacks against messaging apps.
-
Advice & guidance
Our advice & guidance covers a broad range of topics
Find information for...
Popular topics
Other resources
-
Respond to a cyber attack
Resources for individuals and organisations in the UK who have experienced an online scam or cyber attack.
Affecting you or your family
Affecting your small business
Affecting your organisation
-
Find a product or service
Find a range of products & services from NCSC and certified 3rd party suppliers
In this section
Useful links
-
Education & skills
Working with industry, government and academia to support the next generation of researchers, students and cyber security professionals
Find information for...
Education & academia resources
Industry & skill resources
-
News
All the latest information to help you keep track of what's happening
In this section
Stay up to date
Alongside international partners, the NCSC has issued actions for individuals at risk of targeted attacks against messaging apps.
Messaging apps such as WhatsApp, Messenger and Signal are an important part of how we communicate every day.
The NCSC and international partners have seen growing malicious activity from Russia-based actors using messaging apps to target high-risk individuals.
High-risk individuals face a greater likelihood of attacks against their accounts due to a combination of their role and potential access to sensitive information and important people. You might be a high-risk individual if your work or public status means you have access to, or influence over, sensitive information that could be of interest to threat actors.
The NCSC has previously reported on the targeting of government officials’ accounts by China state-affiliated APT31, Russian Federal Security Service (FSB) actor Star Blizzard and Iran's Islamic Revolutionary Guard Corps (IRGC).
Attackers may attempt to:
- Trick you into sharing login or account recovery codes.
- Add their own device to your account without you noticing.
- Join group chats without detection.
- Impersonate someone you know.
- Phish you using malicious links or QR codes.
While anyone can be the victim of social engineering there are key actions you can take to reduce the risks against your personal accounts:
- Do not share sensitive information via messaging apps.
- For work communications, use corporately provided messaging services and devices where available and abide by your organisation’s policies.
- Do not share verification codes or scan unexpected QR codes.
- Enable two-step verification (for Signal users this is called Registration Lock in Settings).
- Enable passkeys where available (both WhatsApp and Signal support passkeys).
- Regularly check for linked devices in settings, review group members and remove or verify any participants you do not recognise independently.
- Beware of impersonations, unknown contacts and contacts appearing more than once.
- On personal accounts use disappearing messages that automatically delete after a set period – by turning this on you will limit what a successful attacker could access if they do manage to get in. However, you should have regard to any applicable record keeping requirements.
- The NCSC’s guidance for high-risk individuals on protecting accounts and devices supports all these recommended actions and includes information on accessing Individual Cyber Defence services to further improve your personal cyber resilience.
- The following NCSC advice should be considered:
- Device Security guidance - choosing an enterprise instant messaging solution
- Secure communications principles
Those working in government should follow government guidance on the use of non-corporate communications channels.
- Google has issued content about how multiple Russia-aligned actors are actively targeting Signal Messenger.
- Microsoft’s post also outlines the threat against messaging apps including lures designed to tricks users of these services.
Alongside international partners, the NCSC has issued actions for individuals at risk of targeted attacks against messaging apps.
-
Advice & guidance
Our advice & guidance covers a broad range of topics
Find information for...
Popular topics
Other resources
-
Respond to a cyber attack
Resources for individuals and organisations in the UK who have experienced an online scam or cyber attack.
Affecting you or your family
Affecting your small business
Affecting your organisation
-
Find a product or service
Find a range of products & services from NCSC and certified 3rd party suppliers
In this section
Useful links
-
Education & skills
Working with industry, government and academia to support the next generation of researchers, students and cyber security professionals
Find information for...
Education & academia resources
Industry & skill resources
-
News
All the latest information to help you keep track of what's happening
In this section
Stay up to date
Alongside international partners, the NCSC has issued actions for individuals at risk of targeted attacks against messaging apps.
Messaging apps such as WhatsApp, Messenger and Signal are an important part of how we communicate every day.
The NCSC and international partners have seen growing malicious activity from Russia-based actors using messaging apps to target high-risk individuals.
High-risk individuals face a greater likelihood of attacks against their accounts due to a combination of their role and potential access to sensitive information and important people. You might be a high-risk individual if your work or public status means you have access to, or influence over, sensitive information that could be of interest to threat actors.
The NCSC has previously reported on the targeting of government officials’ accounts by China state-affiliated APT31, Russian Federal Security Service (FSB) actor Star Blizzard and Iran's Islamic Revolutionary Guard Corps (IRGC).
Attackers may attempt to:
- Trick you into sharing login or account recovery codes.
- Add their own device to your account without you noticing.
- Join group chats without detection.
- Impersonate someone you know.
- Phish you using malicious links or QR codes.
While anyone can be the victim of social engineering there are key actions you can take to reduce the risks against your personal accounts:
- Do not share sensitive information via messaging apps.
- For work communications, use corporately provided messaging services and devices where available and abide by your organisation’s policies.
- Do not share verification codes or scan unexpected QR codes.
- Enable two-step verification (for Signal users this is called Registration Lock in Settings).
- Enable passkeys where available (both WhatsApp and Signal support passkeys).
- Regularly check for linked devices in settings, review group members and remove or verify any participants you do not recognise independently.
- Beware of impersonations, unknown contacts and contacts appearing more than once.
- On personal accounts use disappearing messages that automatically delete after a set period – by turning this on you will limit what a successful attacker could access if they do manage to get in. However, you should have regard to any applicable record keeping requirements.
- The NCSC’s guidance for high-risk individuals on protecting accounts and devices supports all these recommended actions and includes information on accessing Individual Cyber Defence services to further improve your personal cyber resilience.
- The following NCSC advice should be considered:
- Device Security guidance - choosing an enterprise instant messaging solution
- Secure communications principles
Those working in government should follow government guidance on the use of non-corporate communications channels.
- Google has issued content about how multiple Russia-aligned actors are actively targeting Signal Messenger.
- Microsoft’s post also outlines the threat against messaging apps including lures designed to tricks users of these services.