Fachbücher zu Daten­schutz und IT-Sicher­heit finden Sie hier.
  1. Home
  2. News
  3. Targeting telephone fraud: New scam targets CRM users
  • Data Protection

Targeting telephone fraud: New scam targets CRM users

Cyber criminals are currently trying to gain access to sensitive company data via sophisticated phone calls - this time focusing on users of the well-known sales platform Salesforce. The fraudsters are disguising themselves as support staff and feigning technical problems or security incidents in order to obtain access data or persuade them to install manipulated software.

Companies in the retail, catering and education sectors are at the centre of these attempts to deceive. According to security experts from Google, the perpetrators use tactics from so-called voice phishing - or vishing for short. The trick: the callers pretend to be IT staff and claim to be acting on behalf of a well-known hacker collective. Whether this is true is questionable - it is more likely that it is just intended to stir up fear.

Those affected report that either login data was stolen or modified applications were infiltrated after the conversations, which attackers use to extract data and sell it on later. According to Google, the scam has been running since March - dozens of companies may already be affected.

Salesforce has responded and is urgently advising users to secure their own infrastructure: only allow access to known IP addresses, manage authorisations consistently, activate multi-factor authentication and use the company's own security tools consistently. This is the only way to effectively contain the danger posed by this type of social engineering.

Source: https://www.onlinehaendler-news.de

 

Back
© 2011–2025 GINDAT GmbH

About Cookies

This website uses cookies. Those have two functions: On the one hand they are providing basic functionality for this website. On the other hand they allow us to improve our content for you by saving and analyzing anonymized user data. You can redraw your consent to to using these cookies at any time. Find more information regarding cookies on our Data Protection Declaration and regarding us on the Imprint.
Mandatory

These cookies are needed for a smooth operation of our website.

Name Purpose Lifetime Type Provider
CookieConsent Saves your consent to using cookies. 1 year HTML Website
fe_typo_user Assigns your browser to a session on the server. session HTTP Website
PHPSESSID Temporary cookies which is required by PHP to temporarily store data. session HTTP Website
__cfduid missing translation: trackingobject.__cfduid.desc 30 missing translation: duration.days-session HTTP Cloudflare/ report-uri.com
Statistics

With the help of these statistics cookies we check how visitors interact with our website. The information is collected anonymously.

Name Purpose Lifetime Type Provider
_pk_id Used to store a few details about the user such as the unique visitor ID. 13 months HTML Matomo
_pk_ref Used to store the attribution information, the referrer initially used to visit the website. 6 months HTML Matomo
_pk_ses Short lived cookie used to temporarily store data for the visit. 30 minutes HTML Matomo
_pk_cvar Short lived cookie used to temporarily store data for the visit. 30 minutes HTML Matomo
MATOMO_SESSID Temporary cookies which is set when the Matomo Out-out is used. session HTTP Matomo
_pk_testcookie missing translation: trackingobject._pk_testcookie.desc session HTML Matomo