Zendesk Employees Fall Prey to SMS Phishing Scam

Recent reports reveal that employees of Zendesk, a San Francisco-based customer service platform, have been targeted by a sophisticated SMS phishing scam. The attack originated by sending text messages to employees claiming that their email accounts had been locked, according to researchers Urban Schrott and Sarah Niskar. The malicious actors then asked employees to follow a link in the text message. If users clicked on the link, they were taken to a malicious site that asked for their credentials. Once the attackers had the users' passwords, they were able to access their accounts, spread malware and steal sensitive data. Furthermore, the attackers were also able to send further SMS phishing messages to other Zendesk employees. This is yet another example of why it is so important to remain vigilant with our online security. While SMS phishing messages may seem innocent, they can be incredibly dangerous. It is important to remember that cybercriminals are incredibly adept at utilizing modern technology to conduct malicious attacks. At the same time, businesses must utilize the best security measures to protect their data. This includes using multi-factor authentication, implementing data encryption, and regularly updating their systems and software. Additionally, businesses should use security tools and measures to detect any malicious activity. The reality of the situation is that as more people are using technology to conduct business, malicious actors will only become more adept at utilizing it to their advantage. Therefore, it is essential that businesses and individuals stay up-to-date on the latest cyber security news and employ the best security measures to protect their data. By taking these preventive measures, we can better protect ourselves and our data from cyber crime.

This Cyber News was published on www.hackread.com. Publication date: Wed, 25 Jan 2023 00:37:03 +0000


Cyber News related to Zendesk Employees Fall Prey to SMS Phishing Scam

Zendesk Employees Fall Prey to SMS Phishing Scam - Recent reports reveal that employees of Zendesk, a San Francisco-based customer service platform, have been targeted by a sophisticated SMS phishing scam. ...
1 year ago Hackread.com
Advanced Threat Protection for Zendesk Launched by Perception Point - Perception Point, a leading provider of AI-powered cybersecurity solutions, has announced the launch of its advanced threat protection, specifically dedicated to Zendesk services. The solution was developed to protect customer service communications, ...
1 year ago Csoonline.com
Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
8 months ago Techrepublic.com
The Future of Phishing Email Training for Employees in Cybersecurity - One common method they use is through phishing emails. To counter this changing threat, companies must give importance to providing phishing email training for employees on identifying and responding properly to phishing attempts. Standard training ...
5 months ago Hackread.com
New Phishing Scam Hooks META Businesses with Trademark Threats - The phishing scam falsely asserts that the victim's Facebook page will be permanently deleted due to a post allegedly infringing on trademark rights. There is no actual infringement; it's all part of the scammer's malicious plan. In a recent wave of ...
8 months ago Hackread.com
Flipping the BEC funnel: Phishing in the age of GenAI - For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic email and fire it out to thousands of recipients in the hope that a few might take the bait. Common among these new techniques was a shift towards ...
8 months ago Helpnetsecurity.com
Watch out for "I can't believe he is gone" Facebook phishing posts - This phishing attack is ongoing and widely spread on Facebook through friend's hacked accounts, as the threat actors build a massive army of stolen accounts for use in further scams on the social media platform. As the posts come from your friends' ...
8 months ago Bleepingcomputer.com
USPS Delivery Phishing Scam Exploits SaaS Providers to Steal Data - A new USPS Delivery Phishing Scam has surfaced, in which scammers are exploiting Freemium Dynamic DNS and SaaS Providers to steal victims' login credentials and other data. Cybersecurity researchers at Bloster AI have uncovered a new USPS Delivery ...
10 months ago Hackread.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
1 year ago Trendmicro.com
One Phish, Two Phish, Red Phish, Blue Phish - I sat down for a chat with George Skouroupathis, our phishing expert at Resonance Security. Phishing is often the first step taken by hackers in a larger scam. There are lots of different kinds of phishing attacks, but one of the most prevalent is ...
4 months ago Hackread.com
Check Point Research Unfolds: Navigating the Deceptive Waters: Unmasking A Sophisticated Ongoing NFT Airdrop Scam - Sophisticated Scam Targeting Token Holders: Over 100 popular projects' token holders targeted with fake NFT airdrops appearing from reputable sources. Multi-Stage Deception Uncovered: The ongoing Scam involves enticing victims to fraudulent websites ...
8 months ago Blog.checkpoint.com
Fraudulent "CryptoRom" Apps Slip Through Apple and Google App Store Review Process - Pig Butchering, also known as Sha Zhu Pan and CryptoRom, is an ugly name for an ugly scam. What is new is that apps perpetrating the scam can be downloaded from the official Apple and Android app stores - giving them greater apparent validity to ...
1 year ago Securityweek.com
Is that survey real or fake? How to spot a survey scam - Online surveys and quizzes are all over the internet. They're quick and cheap to set up, easy for recipients to fill out, and simple for researchers to interpret. It's no wonder that they remain a popular tool for marketers to reach and research ...
1 year ago Welivesecurity.com
Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
8 months ago Gbhackers.com
Payoneer accounts in Argentina hacked in 2FA bypass attacks - Numerous Payoneer users in Argentina report waking up to find that their 2FA-protected accounts were hacked and funds stolen after receiving SMS OTP codes while they were sleeping. Payoneer is a financial services platform providing online money ...
8 months ago Bleepingcomputer.com
Fraudsters make $50,000 a day by spoofing crypto researchers - Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an ongoing campaign on X. To lure potential victims, the scammer uses a breach on major ...
10 months ago Bleepingcomputer.com
The Human Firewall: Strengthening the Weakest Link in Cybersecurity - With new technology and changed business operations comes exposure to new cyber risks, prompting companies to prioritize and invest in stronger cybersecurity measures. A joint study by Stanford University Professor Jeff Hancock and security firm ...
9 months ago Cyberdefensemagazine.com
7 Months Inside an Online Scam Labor Camp - He had been kidnapped and forced to work for an abusive online scam operation. A man was abducted by a Chinese gang and forced to work in a scam operation. More than anything else, Neo Lu, a 28-year-old Chinese office worker, believed the gig would ...
9 months ago Nytimes.com
Massive utility scam campaign spreads via online ads - When customers want to discuss their bills or look for ways to save money, scammers are just a phone call away. Enter the utility scam, where crooks pretend to be your utility company so they can threaten and extort as much money from you as they ...
7 months ago Malwarebytes.com
Phishing Campaign Exploits Open Redirection Vulnerability In 'Indeed.com' - Phishing remains one of the most prevalent challenges facing organisations, with more than three billion malicious emails estimated to be sent around the world every day. Owing to the prevalence of the problem, Verizon's 2023 Data Breach ...
7 months ago Cyberdefensemagazine.com
Booking.com Customers Scammed in Novel Social Engineering Campaign - Booking.com customers are being targeted by a novel social engineering campaign, which is "Paying serious dividends" for cybercriminals, according to new research by Secureworks. The researchers said the campaign, which they believe has been running ...
10 months ago Infosecurity-magazine.com
Over 800 Phony "Temu" Domains Lure Shoppers into Credential Theft - Stay alert against Temu phishing scams: Cybersecurity experts warn of scammers using fake giveaways to steal credentials. Over 800 new 'Temu' domains registered in the past 3 months. Temu is the latest brand chosen by scammers for their phishing ...
8 months ago Hackread.com
Definition from TechTarget - BYOD is a policy that enables employees in an organization to use their personally owned devices for work-related activities. Smartphones are the most common mobile device an employee might take to work, but they also take their own tablets, laptops ...
8 months ago Techtarget.com
15% of office workers use unsanctioned GenAI tools - Help Net Security - Rigid security protocols — such as complex authentication processes and highly restrictive access controls — can frustrate employees, slow productivity and lead to unsafe workarounds, according to Ivanti. When employees have unfettered access to ...
1 week ago Helpnetsecurity.com
CVE-2017-17780 - The Clockwork SMS clockwork-test-message.php component has XSS via a crafted "to" parameter in a clockwork-test-message request to wp-admin/admin.php. This component code is found in the following WordPress plugins: Clockwork Free and Paid ...
3 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)