CyberheistNews Vol 16 #26 A New Extortion Scam Uses IT Impersonation to Breach Organizations
ID: 933fdd33-86b2-57c0-9f57-c8bb4d057a96
STIX ID: report--933fdd33-86b2-57c0-9f57-c8bb4d057a96
Feed Name: KnowBe4 Blog
This CyberheistNews issue summarizes several active criminal trends: the 'Pink' extortion group uses vishing and fake IT support to steal credentials and MFA tokens, rapidly exfiltrate SharePoint/OneDrive data, and send internal extortion messages; device-code phishing and mature phishing kits (Tycoon2FA, EvilTokens, Kali365) are enabling large-scale account takeover; INC RaaS is aggressively targeting the legal sector; and deepfake-as-a-service is accelerating more convincing BEC and impersonation scams—accompanied by industry guidance on detection and mitigation.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
