Bottom line: Russian intelligence services are conducting phishing campaigns against messenger users to compromise sensitive backup recovery keys.
The FBI is warning of phishing campaigns by Russian actors impersonating messenger support staff to target users’ backup recovery keys. The attackers use social engineering to gain access to encrypted communication channels.
Russian attackers connected to intelligence services are conducting phishing campaigns in which they impersonate technical support for messaging applications. The goal: to trick users into disclosing their backup recovery keys.
For CISOs, this represents a significant risk to enterprise communications. Backup keys provide critical failover protection but are also highly sensitive authentication factors. Compromised keys enable attackers to access encrypted message histories, which is particularly problematic for regulated industries or when private messengers are used for sensitive communications.
Organizations should raise user awareness about the risks of unsolicited support contacts and establish clear policies: backup keys are as confidential as passwords and should never be transmitted over the phone or via chat to support staff. Additionally, regular reviews of access to messaging systems are recommended, and the use of additional authentication factors should be implemented where possible.
Source: www.heise.de · Published 29 June 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.2.