Phishing Tactics: The Rise of Fake Helpdesk Calls

The Register has highlighted a new phishing tactic employed by the group known as 'Pink', which involves fake helpdesk calls to steal credentials. This method targets employees by impersonating IT support, convincing them to divulge sensitive information. Such tactics are reminiscent of those used by the notorious Lapsus$ group.

Why this matters for UK organisations

UK businesses should be aware of this evolving threat and reinforce security awareness training for staff. Educating employees about recognising and responding to phishing attempts is crucial to preventing credential theft and subsequent breaches. This includes understanding the signs of phishing and verifying the authenticity of helpdesk calls.

What to review

Organisations should enhance their employee training programs to include the latest phishing tactics, such as fake helpdesk calls. Implementing robust verification processes for any unsolicited requests for sensitive information is also essential. Regularly updating training materials and conducting phishing simulations can help maintain a high level of awareness among staff.

Source: The Register