IT support teams, also known as service desks, are usually the first people we call when something goes wrong with our computers or accounts. They’re there to help fix issues, unlock accounts, and reset passwords. But this helpfulness is now being used against them.
Cybercriminals are targeting these service desks by pretending to be trusted employees or partners. They call in with fake stories, hoping to trick support staff into giving them access to systems. This method, called social engineering, relies on human trust — not hacking tools.
Recent Examples of These Attacks
In the past few months, several well-known companies have been hit by this kind of trickery:
1. Marks & Spencer: Attackers got the IT team to reset passwords, which gave them access to personal data. Their website and online services were down for weeks.
2. Co-Op Group: The support team was misled into giving system access. As a result, customer details and staff logins were stolen, and some store shelves went empty.
3. Harrods: Hackers tried a similar trick but were caught in time before they could cause any damage.
4. Dior: An unknown group accessed customer information like names and shopping history. Thankfully, no payment details were leaked.
5. MGM Resorts (2023): Hackers phoned the help desk, p
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.