A group of hackers has been carrying out attacks against businesses by misusing a tool that looks like it belongs to Salesforce, according to information shared by Google’s threat researchers. These attacks have been going on for several months and have mainly focused on stealing private company information and later pressuring the victims for money.
How the Attack Happens
The hackers have been contacting employees by phone while pretending to work for their company’s technical support team. Through these phone calls, the attackers convince employees to share important login details.
After collecting this information, the hackers guide the employees to a specific page used to set up apps connected to Salesforce. Once there, the attackers use an illegal, altered version of a Salesforce data tool to quietly break into the company’s system and take sensitive data.
In many situations, the hackers don’t just stop at Salesforce. They continue to explore other parts of the company’s cloud accounts and sometimes reach deeper into the company’s private networks.
Salesforce’s Advice to Users
Earlier this year, Salesforce warned people about these kinds of scams. The company has made it clear that there is no known fault or security hole in the Salesforce platform itself. The problem is that the atta
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.