I was in Norway some time ago and being close to the russian border, it is know publicly that US intelligence is very active in this area. (The locals even joke about the US personell there, calling them something like "Uncle Sam's bunnies") One day, I received a strange contact request from an profile with a phot that seemed to be a professional (like, photo ID) photo shoot of a young asian woman with long hair, blue or grey background. I didn't recognize that woman. The message she sent was extremely generic, like: "Hi, how are you? I believe we've met." ... I don't remember the exact wording, as I immediately rejected the request and deleted the chat and I couldn't take a screenshot, since Signal doesn't allow to do that by default.

I had Graphene OS on a Pixel 6a installed. Since then, I've installed Molly and deleted the Signal app. The internal integrity and security tests never returned any errors.

However, a few months later, a family member received the exact same request. Since WhatsApp was recently hacked by Paragon, resulting in hundreds of journalists smartphones being remotely accessed, I got very alert.

Has anyone made a similar experience? So far, I couldn't find any similar documented case online.

    • Ffph

      • Post #2
      • Edited

      Nah this seems like a normal phishing scam. No "hacking" or special rights are needed to send you an unwanted message. I believe they are fairly common. I have never gotten close to the Russian border this past year, and yet in that timespan I have received messages from Winni, Nelly, Karen, Amy, Karen again, and Sofia (and no, I am not that popular with women). Just block and report.

      I hope that's the case. I'm extremely cautious with giving away my phone number. In the past say 10 years, I got like 2 calls from an unknown number from another country. Also, I never give out my phone number on the web for accounts, verifications or anything else. I just punch in some VoIP or a random local phone number. Since I never get any scam or phishing messages, it kinda cought me off guard getting one at all and then even in Signal. (I turned off showing my phone number to other Signal users since then)

      umbrin688 I too receive an almost identical message request every now and then. Since turning off discovery via phone number and changing my number, I haven't received any so if it really bothers you, you could try that.

        I received similar message twice. I think that they got our phone numbers from database leak.

        The purpose behind is to push you to buy some crypto and take as much as money they can from your bank account

        Just block them and report as spam

        Also change the who can find me by number to nobody and create an username

        umbrin688 100% just phishing don't worry. In Germany we get things like "hey mom and dad this is my new number" all the time.

          • BByku

            • Post #7

            Can confirm too it's just a scamming tactic. Had an identical case, some random with a female pic.

            What evidence is there that there was a hack at all? Sounds like a scam just like the Nigerian prince emails.

            • locked

              • Post #9
              • Edited

              umbrin688 Whether it was an attempted hack or not is speculation. A lot of attacks come through messages, and the most advanced, come in as silent messages (from what I have been reading) It's probably a good idea, (as someone stated above) to don't allow people not on your contacts list to contact you. I have this setting for Signal and also Telegram, but for telegram, premium is required (that's a bummer). Also It's highly recommended to at least have a Pixel 8, so you can have memory tagging

                  If you use known prefixes for mobile phones in any given country theres not a huge number of possible phone numbers. Its possible to create Signal accounts with a load of randomly selected possible phone numbers in your contacts and see if any of them belong to registered users.

                  A few years ago Signal spam was much more widespread. They made some efforts to block obviously abusive accounts. Made it more difficult to register using VPNs etc.

                  thx all for replying! from what it sounds, it was probably really just a spam / phishing attempt with random numbers.
                  ... then again:
                  locked
                  one can never really tell. the kind of software they use to break into journalists' phones might be able to go completely unnoticed. and maybe even on GOS. unless someone with data forensic skills can take a look at it.
                  my threat model is extremely low. i just like and appreciate privacy in my life and i'm super greatful for GOS devs for making this possible! <3

                  a Pixel 8 would be great. thanks for the advice!!