ProPublica reporter Robert Faturechi received a call from an unknown Canadian number, where a stern voice claimed to be a military official. The caller quickly warned that someone was impersonating Faturechi on WhatsApp, using his headshot and a Miami number. After the official promised email proof, Faturechi forwarded the screenshots immediately for ProPublica’s internal security team.

Two weeks later a Latvian businessman, who supplies Ukrainian forces with drones, messaged Faturechi on LinkedIn, claiming a prior Signal conversation. He attached screenshots showing an impostor using the reporter’s photo and asking about UAV expertise. The fake profile refused voice calls, pushed for written messages, and even sent fake video‑call instructions that aimed to harvest the businessman’s email credentials.

ProPublica’s security team advised reporting the WhatsApp spoof to the platform, which confirmed the account’s removal. Meanwhile, Signal’s design—minimal metadata and no user‑lookup—limits its ability to flag impostors, though it now throttles rapid messaging and disables unknown links. EFF technologist Cooper Quintin noted a rise in attacks on Signal as its user base expands.

Digital‑security consultant Runa Sandvik explained that verification similar to Facebook’s blue check isn’t feasible for Signal without compromising its privacy model. WhatsApp’s spokesperson claimed the company routinely bans scam accounts but declined to detail the action taken against the spoof. The incidents underscore how journalists must now guard against identity theft on even encrypted messaging services.