Emerging security and privacy threats throughout the full lifecycle of 6G semantic communication (SemCom) pose critical challenges to system integrity and user trust. Method: This paper systematically analyzes threats across three core phases—semantic model training, transfer, and transmission—and proposes the first SemCom-specific, three-stage threat taxonomy. It establishes the inaugural comprehensive survey framework for defense-in-depth techniques tailored to 6G SemCom, integrating cross-layer mechanisms including physical-layer security, differential privacy, blockchain, and adversarial training. Contribution/Results: The work holistically categorizes over 30 security techniques, clarifying their applicability scopes and inherent limitations. Furthermore, it identifies six key future research directions—including semantic trust certification and lightweight semantic encryption—thereby providing a rigorous theoretical foundation and a concrete technical roadmap for advancing secure 6G semantic communication.

Semantic communication (SemCom) is regarded as a promising and revolutionary technology in 6G, aiming to transcend the constraints of ``Shannon's trap"by filtering out redundant information and extracting the core of effective data. Compared to traditional communication paradigms, SemCom offers several notable advantages, such as reducing the burden on data transmission, enhancing network management efficiency, and optimizing resource allocation. Numerous researchers have extensively explored SemCom from various perspectives, including network architecture, theoretical analysis, potential technologies, and future applications. However, as SemCom continues to evolve, a multitude of security and privacy concerns have arisen, posing threats to the confidentiality, integrity, and availability of SemCom systems. This paper presents a comprehensive survey of the technologies that can be utilized to secure SemCom. Firstly, we elaborate on the entire life cycle of SemCom, which includes the model training, model transfer, and semantic information transmission phases. Then, we identify the security and privacy issues that emerge during these three stages. Furthermore, we summarize the techniques available to mitigate these security and privacy threats, including data cleaning, robust learning, defensive strategies against backdoor attacks, adversarial training, differential privacy, cryptography, blockchain technology, model compression, and physical-layer security. Lastly, this paper outlines future research directions to guide researchers in related fields.