Phishing continues to cause damage and claim victims. Today, the messaging application Signal is the collateral victim of a new large-scale, particularly well-organized attack that targeted Twilio. The data of 2,000 users was stolen. We bring you up to date on this unsettling news and on the different techniques to avoid being fooled by phishing.
Messaging app scammed
Strictly speaking, it is not Signal that fell victim to this phishing scam, but Twilio. It is a little-known company, but one that is essential to the proper functioning of the messaging application: Twilio provides Signal with a phone number verification service when a user signs up for the messaging app. Twilio fell victim to a phishing attack and, in its fall, took Signal and the data of 2,000 users down with it.
How did this attack work? It directly targeted Twilio employees, who were prompted by a fake version of the company's IT department to log back into their accounts. This is classic phishing. The scammers copied the interface of the IT department in order to exploit the employees' trust. And it worked. Because the employees followed the fraudulent link, the scammers gained access to their credentials. From there, they were able to attack Signal users.
What messaging data was stolen?
As soon as Signal became aware of the scam, it released a statement. The messaging app began by notifying 1,900 users. For these users, an attacker could have attempted to re-register the number on another device, or learned that the number was registered on Signal. On the other hand, and this is good news, no other data was affected (for example, message history, contact lists, profile information or any other personal data). Why? Because this data is not stored on Signal's servers. It is stored directly on the device.
Signal specifies that the attacker behind this vast phishing campaign was actually looking for three numbers. He was able to get one. As a result, he was able to send messages from the victim's account. For peace of mind, Signal users will need to re-register in the app (if it asks them to) and enable the Registration Lock feature (in Settings). We advise you to do this to be safe, because this option was designed with exactly this type of scam in mind.
Phishing claims many victims
It's a scam that relies on a childishly simple but devilishly effective system. Scammers simply pretend to be an official organization. The victims think they are in the right place and let themselves be guided. They end up entering their personal data. And by then it's already too late. This information is in the hands of malicious people who sometimes go so far as to empty the victim's accounts.
Official bodies often issue press releases to warn that criminals are impersonating them. This is the case for the CAF and the Post Office, which are often copied so that scammers can extract sums of money.
To give you an example of phishing, you have no doubt been confronted with incessant calls, emails and/or SMS messages concerning the CPF. The scammers are going into overdrive. Their goal is simple: they want to gain access to your account to drain all the euros in it. To avoid falling into the trap, start from a simple observation, valid for all scams.
You should simply never fill in personal information after clicking on a link received by email. If in doubt, go to the official website yourself, without going through a link received by email. Scammers are good at what they do. For example, they send you an email pretending to be the CAF, and the site they create for the occasion looks nearly identical to the official site.