Martin

@mshelton
2.3K Followers
501 Following
353 Posts

Security therapist. Deputy Director of Digital Security @freedomofpress. Journalism, digital security, research.

If you want to get security news and updates from our team somewhere that's not Twitter, subscribe to the newsletter: https://freedom.press/newsletters/

Websitehttps://mshelt.onl/
freedom.presshttps://freedom.press/people/martin-shelton/
Digital security newsletterhttps://freedom.press/newsletters/
PronounsHe/him
Martin2d ago
Martin3d ago

We're seeing a fun new iteration on "Signal Support" scam attacks. Now attackers aren't just trying to hijack Signal accounts, but they are also trying to get targets' backup recovery keys.

Simply put, Signal will not reach out to you from a support account. Report and move on.
https://freedom.press/digisec/blog/psa-signal-backup-hijacking-attack/

PSA: Signal backup hijacking attack

Now there are yet more reasons to look out for Signal Support scams

Freedom of the Press
Martin2d ago
Martin2d ago
We're once again updating our guidance on maximizing the settings of Signal and WhatsApp. We have added more about features to relay your IP through Signal and WhatsApp's servers. This will prevent your ISP from being able to discern the IP addresses of those you are speaking with over voice or video calls. https://freedom.press/digisec/blog/locking-down-signal/
https://freedom.press/digisec/blog/upgrading-whatsapp-security/
Locking down Signal

Also available in Spanish.

Freedom of the Press
Martin2d ago

Martin when the Switch 2 launched in 2025: This is unbelievably expensive

Martin in 2026: I don't know anything any more

Martin2d ago
We're once again updating our guidance on maximizing the settings of Signal and WhatsApp. We have added more about features to relay your IP through Signal and WhatsApp's servers. This will prevent your ISP from being able to discern the IP addresses of those you are speaking with over voice or video calls. https://freedom.press/digisec/blog/locking-down-signal/
https://freedom.press/digisec/blog/upgrading-whatsapp-security/
Locking down Signal

Also available in Spanish.

Freedom of the Press
Show threadMartin3d ago
We're expecting to include more recommendations pretty shortly. Look out for those.
Show threadMartin3d ago
I will take every opportunity to deliver the good word of how to maximize your Signal security settings: https://freedom.press/digisec/blog/locking-down-signal/
Locking down Signal

Also available in Spanish.

Freedom of the Press
Show threadMartin3d ago
I won't lose any sleep over this particular attack. But it really is a reminder of how patient and persistent attackers can be. That part is a little spooby.
Martin3d ago

We're seeing a fun new iteration on "Signal Support" scam attacks. Now attackers aren't just trying to hijack Signal accounts, but they are also trying to get targets' backup recovery keys.

Simply put, Signal will not reach out to you from a support account. Report and move on.
https://freedom.press/digisec/blog/psa-signal-backup-hijacking-attack/

PSA: Signal backup hijacking attack

Now there are yet more reasons to look out for Signal Support scams

Freedom of the Press
Martin3d ago
I will probably use this example in a bunch of my AI safety related trainings. Here's why, if you use them at all, you severely constrain what data your agents can access, and what actions they can take on that data. https://techcrunch.com/2026/06/03/instagram-is-alerting-users-who-were-targeted-by-hackers-during-ai-chatbot-attacks/
Instagram is alerting users who were targeted by hackers during AI chatbot attacks | TechCrunch

Hackers appeared to take over victims’ accounts even after Meta said it fixed its AI-powered support chatbot, which granted hackers access to victims’ accounts.

TechCrunch
Show threadMartin4d ago
You can give whatever you think is the most obvious way for people to understand how to trust they're getting something from the devs. But there is no guarantee here. The troublemakers we're dealing with are extremely, extremely persistent. So long as there's creativity, this is never over.