Over the past several months, a threat group has been actively breaching organizations’ Salesforce instances and exfiltrating customer and business data, Google Threat Intelligence Group (GTIG) has warned. The attackers in question – currently tracked as UNC6040 – are masters at voice phishing (“vishing“): they are impersonating the organizations’ IT support personnel and manipulating employees into sharing credentials and connecting a malicious app to their organization’s Salesforce portal. The primary goal is the exfiltration of … More
The post Attackers fake IT support calls to steal Salesforce data appeared first on Help Net Security.
This article has been indexed from Help Net Security