Scattered Spider: New Cyber Attack Targets Telcos
CrowdStrike details a campaign that combines social engineering, smishing and remote code execution to infiltrate the systems of telcos, sometimes with the intention to perform SIM swaps.
CrowdStrike details a campaign that combines social engineering, smishing and remote code execution to infiltrate the systems of telcos, sometimes with the intention to perform SIM swaps.
The US comms provider said hackers obtained information about 125 businesses that use their services.
Argishti Khudaverdyan used phishing and social engineering to fool T‑Mobile employees into giving him access to corporate systems.
The telco played down the importance of the breach whilst the hacker mocked ‘idiot’ employees for believing he was from PC support.
A 1980’s phreaker said she stole the phone numbers of LA celebrities by checking unlocked cabinets in the office of Pacific Bell.
Social engineering was identified as the top cybersecurity risk per respondents to the RAG RAFMCS Survey 2021.
Criminals phone staff as they work at home, then tell them to log on to phishing websites that look like corporate portals.
Some suspect insiders were paid to give access to the accounts of VIPs including Barack Obama, Elon Musk and Kanye West.