We provide a privacy-first, end-to-end encrypted (E2EE) messaging and calling platform designed so only you and your intended recipients can communicate securely. Even with strong encryption, attackers may still attempt social engineering, phishing, or impersonation to trick you into revealing sensitive information.
This FAQ explains how to recognize, prevent, and report such threats, and clarifies how Signal’s support team communicates.
Does Signal support contact users directly?
Signal will let you know about new features via the official Signal chat. This is not a chat where messages can be exchanged, it is a view only chat with a unique background image. This chat will also display a static alert in the bottom that says "The only official chat from Signal".
We do not initiate contact via a chat converstation where messages are exchanged. Chats where messages can be exchanged will first show a Message Request screen with buttons to accept, reject, or block. Signal staff will never contact you this way.
If you would like to see what a message request looks like, please see this FAQ page.
Signal staff will never initiate contact with you via phone calls, SMS, or social media. Signal staff will never ask you to verify your PIN or recovery key within the context of a chat conversation (where messages are exchanged).
If anyone messages you claiming to be from our team:
- Do not reply or share any information.
- Report and block the account in-app.
- Contact us only through our official method.
What does a support-impersonation scam look like?
Scammers may:
- Create a fake profile or presence similar to ours.
- Ask for your account verification code, claiming it is needed due to a problem or confirmation.
- Send links to “verify” or “restore” account access.
Reminder: We will never ask for verification codes, recovery keys, or payment details.
What is Phishing?
Phishing is a type of scam where attackers impersonate trusted contacts or services with the goal of stealing information through emails, links, or calls.
Warning Signs:
- Unexpected messages or calls requesting sensitive information, like SMS codes or passwords.
- Sense of urgency: “Your account will be locked / lost unless..”
- Suspicious links, misspelled addresses.
When in doubt, verify through official channels.
I was asked for my Signal verification code, Signal PIN, and/or Backup Recovery Key. What should I do?
It is a phishing attempt. Your code is the key to your account, never share it.
Reminder: Your Signal verification code is only needed during the in-app registration flow. Never give your verification code to anyone, not even if they claim to be a bot or representative of Signal.
Common scams
Even with strong encryption, scammers can send the wrong signals and exploit human trust.
| Scam Type | What It Looks Like | How to Protect Yourself |
| Phishing or Impersonation | Someone pretends to be a friend, company, or support team to steal your verification code or password. | Always verify their identity through another channel. Never share your codes. |
| Malicious Links or Apps | Links or downloads that lead to fake login pages or install malware on your device. | Don’t click links you weren’t expecting. Check URLs carefully before opening. |
| Prize, Job, or Investment Scams | Messages claiming you’ve won a prize, landed a job, or offering high-return investments. | If it seems too good to be true, it probably is. Be skeptical. |
| Romance or Trust-Based Scams | Someone uses emotional manipulation to get money or personal information from you. | Be careful when sharing personal details with new contacts. |
Stay Safe
- Never share verification codes, backup recovery keys or passwords.
- Only contact support via our official email.
- Assume unexpected messages may be phishing.
- Inspect links and files before clicking or opening.
- Block unknown or suspicious contacts.
- Keep your app updated and review privacy settings regularly.
- If you suspect a scam: stop communication and do not share any information.
- For financial or identity fraud, consider notifying local authorities.