Security News > 2024 > June > CDK warns: threat actors are calling customers, posing as support
CDK Global has cautioned customers about unscrupulous actors calling them and posing as CDK agents or affiliates to gain unauthorized systems access.
Just as the company was recovering from the ongoing cyberattack, it experienced a second cyberattack on Wednesday, June 19th. As a result of multiple attacks, CDK is acting out of caution and has stated that its "Customer Care channels for support remain unavailable as a precautionary measure to maintain security."
When called by BleepingComputer, a prerecorded message played cautioning customers about threat actors now capitalizing on this opportunity to prey on CDK customers who are left with limited support options during this time.
"We are aware that bad actors are contacting our customers posing as members or affiliates of CDK trying to obtain system access," states CDK's prerecorded message on its English toll-free line.
Threat actors can, for example, initiate unsolicited phishing emails or phone calls to customers that claim to originate from CDK support associates but are not, or indulge in other forms of communications to facilitate illicit activities or gain further unauthorized access to proprietary systems and financial assets.
CDK Global customers and partners should remain vigilant and refrain from engaging in communications, particularly those impersonating CDK customer support or employees.