Signal users targeted in backup-stealing phishing attacks

A phishing campaign is impersonating Signal Support via SMS to coerce users into pasting their 64-character Secure Backups recovery key into a chat; attackers who obtain the key can download and decrypt full encrypted message archives. The report notes targeted incidents affecting journalists and activists, highlights red flags (e.g., 'Name not verified', threats of data loss), and advises users not to share recovery keys, to enable Signal security features, and to use Scam Guard to detect such messages.