"State-backed #phishing attacks targeting military officials and journalists on Signal" by Zeljka Zorz, Editor-in-Chief, Help Net Security February 6, 2026 https://www.helpnetsecurity.com/2026/02/06/state-linked-phishing-europe-journalists-signal/
"State-backed #phishing attacks targeting military officials and journalists on Signal" by Zeljka Zorz, Editor-in-Chief, Help Net Security February 6, 2026 https://www.helpnetsecurity.com/2026/02/06/state-linked-phishing-europe-journalists-signal/
German security authorities are warning that a likely state-backed hacking group is engaged in attempts at phishing senior political figures, military officials, diplomats, and investigative journalists across Germany and Europe via Signal.
https://www.helpnetsecurity.com/2026/02/06/state-linked-phishing-europe-journalists-signal/
German security authorities are warning that a likely state-backed hacking group is engaged in attempts at phishing senior political figures, military officials, diplomats, and investigative journalists across Germany and Europe via Signal.
https://www.helpnetsecurity.com/2026/02/06/state-linked-phishing-europe-journalists-signal/
2 weeks ago while I was investigating #Antisemitism training for the #ItalianPolice, I was targeted by TWO #phishing attacks on #Signal installated on 2 different phones with 2 different OSs.
Here @netzpolitik_org report on this kind of attacks:
Zahlreiche Journalist:innen und Aktivisti im Visier bei Attacke über Signal-Messenger
Mit einem Phishing-Angriff versucht ein bislang unbekannter Akteur offenbar gezielt Zugriff auf die #Signal-Konten von Journalist:innen und Aktivist:innen zu bekommen.
@netzpolitik_feed erklört wie der Angriff funktioniert und wie man sich vor ihm schützen kann.
#Phishing #Überwachung #Datenschutz #Daten #Datensicherheit #Privacy #Signal #Messenger
Umstrittene Terror-Ermittlungen
Der Messenger Signal als „Kult der Geheimhaltung“
"In einem Verfahren mit bislang wenigen Beweisen versuchen französische Ermittlungsbehörden die Nutzung von weit verbreiteten Verschlüsselungstechniken als Beleg für klandestines Verhalten heranzuziehen.
[...]
Auch würde mit der Betonung angeblich großer Computerkompetenz, die zum Beispiel damit begründet wird, dass ein Verdächtigter das Betriebssystem #Linux mit Verschlüsselung auf seinem Computer installiert habe, ein „alarmierendes Narrativ“ konstruiert, so La Quadrature. Handschriftliche Notizen zur Installation alternativer Handy-Betriebssysteme oder zur Nutzung der Videokonferenzsoftware #Jitsi bestätigten laut der Akte „den Wunsch von X, in den Untergrund zu gehen und ihre Aktivitäten zu verbergen“. Einem Verdächtigen wird laut den Akten vorgehalten, dass er seine Mutter zur Nutzung von Signal überzeugt hätte. Zu den Fragen, die sich die Verdächtigen anhören mussten, gehörte laut Quadrature auch, ob die Verdächtigen gegen Google, Apple, Facebook und Amazon (GAFA) seien."
#Signal #verschlusselung #Frankreich #Repression #Überwachung #Staat #Herrschaft #netzpolitik
Zahlreiche Journalist:innen und Aktivisti im Visier bei Attacke über Signal-Messenger
Mit einem Phishing-Angriff versucht ein bislang unbekannter Akteur offenbar gezielt Zugriff auf die #Signal-Konten von Journalist:innen und Aktivist:innen zu bekommen.
@netzpolitik_feed erklört wie der Angriff funktioniert und wie man sich vor ihm schützen kann.
#Phishing #Überwachung #Datenschutz #Daten #Datensicherheit #Privacy #Signal #Messenger
funny
#SWR3 informiert zu #digitalism
(von #TechSov oder #TechSuff kann man leider nicht sprechen )
#RealSatire Steilvorlage *-)
1)
wie erstelle ich mir eine *seriöse* gmail-adresse
https://www.swr3.de/aktuell/nachrichten/gmail-mailadresse-aendern-100.html
2)
wie werde ich bei WhattsApp NICHT gescammt . .. stichwort #GhostPairing
aka #phishing
https://www.swr3.de/aktuell/service/whats-app-phishing-betrug-100.html
(beide Dienste klöschen wäre wohk einfachen als sich dezidiert zu informieren ) ..
Credo che mia moglie sia stata vittima di #phishing...
Da un paio di giorni non riusciva ad accedere alla mail e, dopo aver recuperato e cambiato la password, si è accorta di questi messaggi nella posta INVIATA.
Non ho aperto il file allegato.
Ci sono tre messaggi di questo tipo inviati a indirizzi diversi e uno in bozza.
Di cosa si tratta?
Credo che mia moglie sia stata vittima di #phishing...
Da un paio di giorni non riusciva ad accedere alla mail e, dopo aver recuperato e cambiato la password, si è accorta di questi messaggi nella posta INVIATA.
Non ho aperto il file allegato.
Ci sono tre messaggi di questo tipo inviati a indirizzi diversi e uno in bozza.
Di cosa si tratta?
Personal #InfoSec heads up. This is my story of #identity theft. I hope it helps you avoid the hellish experience. In early December 2025, I fell for a very well-executed #phishing #fraud scam.
They pretended to be from security at my bank. They knew much more about me than I would ever expect. That was key to convincing me to stay on line, When I say “they” I’m talking about several individuals who role played (excellently) security, managers, customer representatives. I stretched out the conversation because something seemed off. I had no evidence. I don’t want to go into too much detail, but at one point I detected a slight hesitation or nervousness in one of their voices. I told them I needed a personal moment and put them on hold.
I called a guy at the bank who helps me with my retirement funds, told him the story and asked for help verifying what was going on. Within two minutes he said it was a hoax and he had real bank security on the phone with us. They wanted me to play along while they were online, looking for various clues and hoping to catch the bad guys in the act. It worked. The bad guys were in the process of transferring out everything in my accounts. It would have been a crushing DISASTER if I did not have the bank’s real security hoaxing the hoaxers! I lost nothing but time and personal esteem. The aftermath has been more painful.
It has been months since my complete identity information was stolen. I had to change every bank and credit account number, kill several email addresses I had used for decades, change all passwords, inform #SSA, #Medicare, Ibsurance companies… the whole package. I’m not done. I consider myself lucky, so far. It will never be over. I realize that protecting my identity is a constant battle.
I think it started when my info (OGE Form 450) was stolen when the #US government general administration office was hacked in 2008 (?) and virtually all employees’ financial disclosures were stolen. They gave us lifetime monitoring service which has been pretty good. It spotted and reported to me multiple breakins and data thefts over the years, including when my info was for sale on the “dark web”. I want to emphasize that I responded EVERY TIME. Nevertheless, my info from various thefts was obviously collated over time and now there is a good solid model of me for sale, complete with private information I thought I never disclosed.
This can easily happen to anyone, including you.
Everything I learned about personal infosec over the years — **advice I followed** — proved to be insufficient. I’m now looking into hardware passkeys, but that is not enough. I welcome professional #infosec and others to comment here. It is a teachable moment for all of us.
Personal #InfoSec heads up. This is my story of #identity theft. I hope it helps you avoid the hellish experience. In early December 2025, I fell for a very well-executed #phishing #fraud scam.
They pretended to be from security at my bank. They knew much more about me than I would ever expect. That was key to convincing me to stay on line, When I say “they” I’m talking about several individuals who role played (excellently) security, managers, customer representatives. I stretched out the conversation because something seemed off. I had no evidence. I don’t want to go into too much detail, but at one point I detected a slight hesitation or nervousness in one of their voices. I told them I needed a personal moment and put them on hold.
I called a guy at the bank who helps me with my retirement funds, told him the story and asked for help verifying what was going on. Within two minutes he said it was a hoax and he had real bank security on the phone with us. They wanted me to play along while they were online, looking for various clues and hoping to catch the bad guys in the act. It worked. The bad guys were in the process of transferring out everything in my accounts. It would have been a crushing DISASTER if I did not have the bank’s real security hoaxing the hoaxers! I lost nothing but time and personal esteem. The aftermath has been more painful.
It has been months since my complete identity information was stolen. I had to change every bank and credit account number, kill several email addresses I had used for decades, change all passwords, inform #SSA, #Medicare, Ibsurance companies… the whole package. I’m not done. I consider myself lucky, so far. It will never be over. I realize that protecting my identity is a constant battle.
I think it started when my info (OGE Form 450) was stolen when the #US government general administration office was hacked in 2008 (?) and virtually all employees’ financial disclosures were stolen. They gave us lifetime monitoring service which has been pretty good. It spotted and reported to me multiple breakins and data thefts over the years, including when my info was for sale on the “dark web”. I want to emphasize that I responded EVERY TIME. Nevertheless, my info from various thefts was obviously collated over time and now there is a good solid model of me for sale, complete with private information I thought I never disclosed.
This can easily happen to anyone, including you.
Everything I learned about personal infosec over the years — **advice I followed** — proved to be insufficient. I’m now looking into hardware passkeys, but that is not enough. I welcome professional #infosec and others to comment here. It is a teachable moment for all of us.
Oh, yeah, this is a good one for my #librarian and #educator colleagues to read! 🧐🎣🎓
"Why QR Codes Are Education's New #Phishing Blind Spot"
https://cybersec.ironscales.com/s/why-qr-codes-are-education-s-new-phishing-blind-spot-24710
Une campagne de #phishing sophistiquée usurpe l'identité d'Ameli via des courriels très réalistes. Les escrocs invitent les assurés à commander une Carte Vitale 2026 fictive pour dérober leurs coordonnées bancaires. Indices pour repérer l'arnaque, l'adresse expéditeur finit en .com (l'officielle est .fr) et la carte Vitale n'a pas de date d'expiration. https://www.clubic.com/actualite-594841-une-nouvelle-arnaque-a-la-carte-vitale-circule-aux-couleurs-d-ameli-et-attention-car-elle-est-tres-bien-faite.html
Une campagne de #phishing sophistiquée usurpe l'identité d'Ameli via des courriels très réalistes. Les escrocs invitent les assurés à commander une Carte Vitale 2026 fictive pour dérober leurs coordonnées bancaires. Indices pour repérer l'arnaque, l'adresse expéditeur finit en .com (l'officielle est .fr) et la carte Vitale n'a pas de date d'expiration. https://www.clubic.com/actualite-594841-une-nouvelle-arnaque-a-la-carte-vitale-circule-aux-couleurs-d-ameli-et-attention-car-elle-est-tres-bien-faite.html
Méfiez-vous de ce phishing, ça pourrait être un e-mail légitime ! 🤪
https://www.jeey.net/phishing.html
D'un côté, on nous assomme de messages "faites gaffe à vos mails" à chaque fuite de données,
De l'autre côté, l'administration t'envoie des mails en tout point semblable à du phishing...
Faudrait voir à être sérieux au bout d'un moment...
#Cybersécurité #HygièneNumérique #Phishing #OrNotPhishing #ThatIsTheQuestion
Méfiez-vous de ce phishing, ça pourrait être un e-mail légitime ! 🤪
https://www.jeey.net/phishing.html
D'un côté, on nous assomme de messages "faites gaffe à vos mails" à chaque fuite de données,
De l'autre côté, l'administration t'envoie des mails en tout point semblable à du phishing...
Faudrait voir à être sérieux au bout d'un moment...
#Cybersécurité #HygièneNumérique #Phishing #OrNotPhishing #ThatIsTheQuestion
