Salesforce’s email services and SMTP servers were compromised by a zero-day vulnerability that hackers used to execute a sophisticated phishing campaign that targeted valued Facebook accounts.
Bypassing Salesforce’s sender verification protections and peculiarities in Facebook’s web gaming platform, the attackers used a weakness known as “PhishForce” to send phishing emails in bulk.
In order to get over security email gateways and filtering rules and deliver malicious emails to the target’s inbox, phishing emails can be sent through a trusted email gateway like Salesforce read more Hackers exploited Salesforce zero day in Facebook phishing attack.
Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.