Russian Hackers Are Targeting Popular Messaging Apps. Here's How to Stay Safe

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued an updated warning about Russian intelligence services targeting commercial messaging applications. These are the apps many families use daily to stay in touch with friends, family, and coworkers. The attackers are using phishing campaigns, which means they send fake messages trying to trick you into giving away your password or clicking dangerous links. This affects anyone who uses popular messaging apps for personal or work communication.

If you use messaging apps on your phone or computer, you could be targeted. The goal of these attackers is to gain access to your private conversations, contacts, and any sensitive information you share through these apps.

Here is what you should do right now to protect yourself:

1. Be extremely suspicious of any unexpected messages asking you to click links or enter your password, even if they appear to come from the messaging app company.
2. Never click links in messages unless you are absolutely certain who sent them and why.
3. Enable two-factor authentication (also called multi-factor authentication) on all your messaging apps. This adds an extra security step beyond just your password.
4. Check your messaging app security settings and look for any unfamiliar devices that have access to your account. Remove anything you do not recognize.
5. Update your messaging apps to the latest version available. To stay protected long term, make it a habit to question any message that asks you to take urgent action or enter your credentials. Legitimate companies rarely ask for passwords through messages or emails. Talk with your family members, especially teens and elderly relatives, about these phishing tactics. The best defense is staying alert and thinking twice before clicking.