{"id":350,"date":"2026-06-29T14:14:33","date_gmt":"2026-06-29T05:14:33","guid":{"rendered":"https:\/\/onepress.co.kr\/index.php\/briefing\/2026-06-29-messaging-phishing-warning-check-en\/"},"modified":"2026-06-29T14:31:32","modified_gmt":"2026-06-29T05:31:32","slug":"2026-06-29-messaging-phishing-warning-check-en","status":"publish","type":"briefing","link":"https:\/\/onepress.co.kr\/index.php\/briefing\/2026-06-29-messaging-phishing-warning-check-en\/","title":{"rendered":"If a messaging app asks for a login check, distrust the message before the app"},"content":{"rendered":"<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/onepress.co.kr\/wp-content\/uploads\/2026\/06\/messaging-phishing-warning-sketch.png\" alt=\"Watercolor sketch of a person staring at a messaging app showing a fake security alert and code request\" \/><figcaption>A ONEPRESS cyber safety illustration based on the June 26, 2026 CISA and FBI warning.<\/figcaption><\/figure>\n<ul>\n<li><strong>Checked:<\/strong> 2026-06-29 09:30 KST<\/li>\n<li><strong>Primary sources:<\/strong> CISA, FBI IC3<\/li>\n<\/ul>\n<p>This is not an app outage notice. It is a warning that <strong>phishing messages inside messaging apps<\/strong> are being used to steal logins, sessions and verification codes. On June 26, 2026, CISA and the FBI updated a public warning saying Russian intelligence-linked actors are targeting commercial messaging applications in ongoing phishing campaigns.<\/p>\n<p>The public-life angle is simple: the attack often begins in an ordinary chat window on your phone. Work contacts, relatives, banks, delivery alerts and travel updates all live in the same place. That makes fake \u201csecurity check,\u201d \u201cnew device login,\u201d or \u201csend me the code\u201d messages more dangerous than they look.<\/p>\n<h2>User checks<\/h2>\n<ol>\n<li>Do not use links inside the message to sign back in. Open the official app or site yourself.<\/li>\n<li>If anyone asks for a verification code, backup code or QR scan, verify the person through another channel first.<\/li>\n<li>Check that two-factor authentication, recovery email and recovery phone details are still yours.<\/li>\n<li>If you already clicked, change the password, review logged-in sessions and rotate any reused passwords elsewhere.<\/li>\n<\/ol>\n<h2>Official links<\/h2>\n<ul>\n<li><a href=\"https:\/\/www.cisa.gov\/resources-tools\/resources\/russian-intelligence-services-continue-target-commercial-messaging-applications\" target=\"_blank\" rel=\"noopener noreferrer\">CISA updated PSA on messaging-app phishing<\/a><\/li>\n<li><a href=\"https:\/\/www.ic3.gov\/PSA\/2026\/PSA260626\" target=\"_blank\" rel=\"noopener noreferrer\">FBI IC3 PSA published June 26, 2026<\/a><\/li>\n<\/ul>\n<p><strong>Bottom line:<\/strong> The risk today is not \u201cmessaging apps are unsafe.\u201d The risk is that <strong>official-looking login requests inside messaging apps<\/strong> are being used as the doorway.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA and the FBI updated a warning on June 26, 2026 about Russian-linked phishing campaigns targeting commercial messaging apps. The practical risk today is not the app itself but messages pushing fake login checks, links, and code requests.<\/p>\n","protected":false},"featured_media":0,"template":"","meta":[],"class_list":["post-350","briefing","type-briefing","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/onepress.co.kr\/index.php\/wp-json\/wp\/v2\/briefing\/350","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/onepress.co.kr\/index.php\/wp-json\/wp\/v2\/briefing"}],"about":[{"href":"https:\/\/onepress.co.kr\/index.php\/wp-json\/wp\/v2\/types\/briefing"}],"wp:attachment":[{"href":"https:\/\/onepress.co.kr\/index.php\/wp-json\/wp\/v2\/media?parent=350"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}