Highly Targeted Phishing From Salesforce.com Leak
An anonymous reader writes "Salesforce.com has finally acknowledged what security experts have suspected for weeks: that a Salesforce.com employee had his company credentials stolen in a phishing scam, and criminals have been using names and e-mail addresses from Salesforce's customer list to conduct other highly targeted phishing attacks, including the recent round of fake e-mails apparently from the Federal Trade Commission." In such highly targeted attacks, the AV companies are at a loss — they have little chance of quickly developing signatures for threats that only reach a few thousand victims.
Yes, we were a victim. SalesForce has been extremely, I mean extremely unprofessional and tight-lipped about this incident. In an emergency meeting we had with them, they did claim that the data breach had originally happened in March of this year, yet we were never notified about it so we could put procedures in place and educate our users. We only knew when one of our users "logged in" to the phishing site. Unfortunately the crooks got to the data before we could change the password (within 5 minutes), but we were lucky that nothing "confidential" was downloaded. Regardless, when we called Salesforce, initially they told us that they cannot even share more info other than telling us to change our passwords. Then more emails started coming, posing as bank sites etc. We had to go to some incredible lengths to engage the SalesForce people to admit fault and advise on how to proceed in protecting the people. Still, they were less than helpful or they seemed incompetent to do so.
Bottom line is, how can you keep such a breach a secret for 7 months without telling your clients at the very least? I have yet to receive an email from them about this. No correspondence has happened between them and us.
Oh, and the SalesForce "security" person was saying that the law enforcement has found where the phisher is located and that "if they have not apprehended him already, they will soon do so".... Whatever. BS.
The phaomnneil pweor of the hmuan mnid. Fcuknig amzanig eh!