Fake IT Support Scams Steal Salesforce Data from 20 Orgs, Extortion Follows, Google Warns
Cybersecurity researchers have uncovered a significant threat involving fake IT support scams targeting organizations using Salesforce. This sophisticated operation has successfully compromised the data of at least 20 organizations by impersonating internal or external IT help desks.
The attackers use social engineering tactics, often contacting employees directly and convincing them to provide access or credentials under the guise of technical assistance. Once inside the Salesforce environment, they exfiltrate sensitive and valuable data.
Following the data theft, the threat actors engage in extortion. They contact the affected companies, demanding payment, often in cryptocurrency, to prevent the release or sale of the stolen information. This adds a severe layer of risk beyond the initial breach, impacting reputation and potentially legal standing.
Security teams are urging vigilance, particularly regarding unsolicited contact from individuals claiming to be support staff. Companies are advised to reinforce security protocols, implement multi-factor authentication, and educate employees about recognizing and reporting suspicious communications. The warning highlights the critical need for robust defense mechanisms against social engineering attacks focused on high-value corporate platforms like Salesforce.
Source: https://go.theregister.com/feed/www.theregister.com/2025/06/04/fake_it_support_calls_hit/
