logo

CyberheistNews Vol 16 #26 A New Extortion Scam Uses IT Impersonation to Breach Organizations

ID: 933fdd33-86b2-57c0-9f57-c8bb4d057a96

STIX ID: report--933fdd33-86b2-57c0-9f57-c8bb4d057a96

Feed Name: KnowBe4 Blog

Threat Score
75/100

Date Published: 2026-06-30

Date Updated: 2026-07-02

Author: KnowBe4 Team

...
...

This CyberheistNews issue summarizes several active criminal trends: the 'Pink' extortion group uses vishing and fake IT support to steal credentials and MFA tokens, rapidly exfiltrate SharePoint/OneDrive data, and send internal extortion messages; device-code phishing and mature phishing kits (Tycoon2FA, EvilTokens, Kali365) are enabling large-scale account takeover; INC RaaS is aggressively targeting the legal sector; and deepfake-as-a-service is accelerating more convincing BEC and impersonation scams—accompanied by industry guidance on detection and mitigation.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.