<ul><li>Google experts warn about an ongoing vishing campaign where threat actors impersonate IT support to trick individuals into downloading malware and steal data.</li><li>Around 20 companies lost their data due to cybercriminals impersonating Salesforce and tricking employees into installing a tainted version of Salesforce Data Loader.</li><li>The threat actor UNC6040 targeted organizations in various sectors like hospitality, retail, and education by calling them and gaining access to sensitive information from compromised Salesforce environments.</li><li>Google advises educating employees on phishing dangers to defend against such campaigns, as no vulnerabilities specific to Salesforce were exploited in this cyber extortion scheme.</li></ul>

Fake IT support voice calls lead to cyber extortion and stolen company data

Discover more