Slashdot Mirror

← Back to Stories (view on slashdot.org)

Highly Targeted Phishing From Salesforce.com Leak

Posted by kdawson on from the no-more-drift-nets dept.

An anonymous reader writes "Salesforce.com has finally acknowledged what security experts have suspected for weeks: that a Salesforce.com employee had his company credentials stolen in a phishing scam, and criminals have been using names and e-mail addresses from Salesforce's customer list to conduct other highly targeted phishing attacks, including the recent round of fake e-mails apparently from the Federal Trade Commission." In such hightly targeted attacks, the AV companies are at a loss — they have little chance of quickly developing signatures for threats that only reach a few thousand victims.

3 of 72 comments (clear)

  1. I've been meaning to ask by THernandez · · Score: -1, Offtopic

    I've submitted a few questions to Ask Slashdot to see what other /.ers use for CRM and helpdesk management, but my submissions have been rejected.

    I work for a growing IT company (just passed 30 employees) and we're looking for a web-based system to handle not only our sales but also our helpdesk and order processing systems if possible. So far we've been looking at OneOrZero (open source) and the Allbase Suite (commercial).

    Does anybody have any recommendations?

  2. GoldMine by Chas · · Score: -1, Offtopic

    I'm biased though. I'm a lead tech at a GoldMine VAR. So don't just take my word for it. Please do your own research

    For simple rolodex, it's mass overkill. But if you're looking to REALLY automate your sales force, it's the shit.

    There's the main Goldmine (Corporate Edition or Premium Edition) app for people in the office or for remote guys syncing through low-speed connections.

    You have:

    • e-mail functionality
    • SMS integration
    • calendaring
    • fairly sophisticated report generation (plus you have the options of Crystal Reports (which comes free with CE and PE) and SQL Server Reporting)
    • Human-readable filtering, grouping, SQL queries, DBase-style queries
    • fairly elaborate import and export functionality
    • leads management, document management, knowledge management, project management
    • automated processes
    • Call scripting

    And more. There's tons of functionality, of which I've only scratched the surface. And NOBODY uses it all.

    Moreover, it's designed to be a networked/shared environment BY DESIGN. Not hacked in like so many other options out there.

    For people with higher speed connections, there's virtual desktop/web-client functionality through the iGoldMine product (based on GraphOn). So you can publish not only GoldMine, but other apps (Office, etc).

    For mobile users (handheld/phones/etc), there's things like W-Systems' MA HREF="http://www.w-systems.com/www/web/products_wMobile.asp">W-Mobile offering. Presents a nice clean interface for the data, and the upcoming version will actually allow full e-mail functionality.

    For just being able to dump a list of appointments to a mobile device, there's options for syncing with Palm devices, Windows mobile devices. And for more elaborate integration of data, there's a product called CompanionLink that'll add options like Crackberry, etc.

    With Premium Edition, there's even full-blown SIP/TAPI integration (CE has rudimentary SIP functionality, thought the TAPI link is the same).

    And until you start getting into the hundreds of employees, even a modestly powerful server (think low-end desktop but packed with 2-3GB of RAM) is overkill.

    If you're looking for real, full-blown helpdesk, you're probably looking at another FrontRange (the guys who make GoldMine) product. HEAT.

    We don't deal a whole lot with HEAT. The sales cycles on it are really long, and while we DO know how to install it, some of the other FRS VARs are much better with it than we are. Basically HEAT is THE solution if you're looking for the real-deal solution though. And yes, there's intergration between the HEAT and GoldMine products.

    There's actually a third GoldMine product. GoldMine Enterprise Edition. It is, however, a VERY highly specialized product. Essentially it's setup is something similar to PeopleSoft, etc. Out of the box, it doesn't really do anything, and it takes time (and some expensive labor) to build the interface specifically to meet a given company's needs. Unless you have tons of money to burn and highly specialized needs, this solution is HUGE overkill and even FrontRange themselves will warn you that your needs could be met more economically with other products.

    We actually use GoldMine itself as a poor-man's helpdesk. Our phone system logs the calls. We just fill out billable history items once we're done. When we get ready to do billing, we just run a filter fo

    --


    Chas - The one, the only.
    THANK GOD!!!
  3. SugarCRM by MrKaos · · Score: 0, Offtopic
    I recently did an comparison between Salseforce and SugarCRM and found Sugar was surprising good in comparison to SF. Plus you have the option of hosting the application in house thus avoiding a 3rd party handling your company data, or being on list of third parties that could be subject to these sorts of scams.

    --
    My ism, it's full of beliefs.