Salesforce.com phishing highlights security loophole
A security vendor today urged organisations to install behavioural analysis software after the hosted software provider's database became a phishing target.
Salesforce.com, the on-demand software company, this week admitted it and its customers were targeted by cyber-criminals, prompting security experts to call for extra measures to track potentially risky online behaviour.
In an open letter to customers, the software-as-a-service market leader confirmed it had been the target of a phishing exercise designed to get its end-using customers to divulge sensitive financial information.
It said the compromise occurred when a Salesforce.com employee fell victim of a phishing scam that allowed a Salesforce.com customer contact list to be copied.
"As a result of this, a small number of our customers began receiving bogus emails that looked like salesforce.com invoices," it warned.
Key considerations for implementing secure telework at scale
Identifying the security risks and advanced requirements of a remote workforceDownload now
The State of Salesforce 2020
Your guide to getting the most from SalesforceDownload now
Fast, flexible and compliant e-signatures for global businesses
Be at the forefront of digital transformation with electronic signaturesDownload now
Rethink your cybersecurity strategy for the new world
5 steps to secure the enterprise and be fit for a flexible futureDownload now