Help Desk Hijinks: How Scattered Spider Spins Chaos for UK Retailers
Scattered Spider’s help desk scams have hit major UK retailers, showcasing their knack for bypassing MFA and hijacking accounts. From vishing to deepfakes, these attacks highlight the vulnerability of “helpful” help desks. But remember: Scattered Spider aren’t a one-trick pony. Their identity-first toolkit is broad and ever-evolving.

Hot Take:
Who knew help desks would become the Achilles’ heel in the tech world? Scattered Spider is apparently spinning a web of chaos, and it’s not just about Marks & Spencer losing millions or Co-op getting a cyber slap. It’s a wake-up call for companies to tighten up their help desk processes. After all, who doesn’t love a good old-fashioned “hello, IT, can you reset my password” scam?

Key Points:
- Scattered Spider’s latest attacks on UK retailers have highlighted the vulnerability of help desk processes.
- Help desk scams involve attackers impersonating employees to reset account credentials.
- The technique is not new, with previous attacks on major companies like Caesars and MGM Resorts.
- Organizations need to introduce more stringent verification processes to counter these scams.
- Scattered Spider uses a variety of identity-based tactics beyond help desk scams, including phishing and MFA bypass.