Security News > 2023 > August > Salesforce and Meta suffer phishing campaign that evades typical detection methods

The Guardio research team discovered an email phishing campaign exploiting a zero-day vulnerability in Salesforce's legitimate email services and SMTP servers.

The vulnerability allowed threat actors to craft targeted phishing emails, evading conventional detection methods by leveraging Salesforce's domain and reputation and exploiting legacy quirks in Facebook's web games platform.

83% of organizations face phishing attacks every year, and mass-market emails are the most prevalent form of phishing, disguised as emails from reputable companies, through which recipients are deceived into taking harmful actions like downloading malware or clicking on malicious links which expose credentials to social and financial accounts.

Using phishing techniques, the threat actors successfully hid malicious email traffic within legitimate and trusted email gateway services, allowing them to capitalize on the companies' volume and reputation.

Phishing campaign flow: From Salesforce to phishing kit hiding in Facebook's web games platform.

"We commend Salesforce and Meta for their prompt actions and ongoing efforts to bolster the security and resilience of their platforms. We advise other service providers to follow suit, securing data gateways and bolstering verification processes."

News URL

https://www.helpnetsecurity.com/2023/08/02/salesforce-phishing-campaign/