Software-as-a-service (SaaS) specialist Salesforce.com has revealed that one of its employees unwittingly surrendered the keys to the company's customer database to criminals after falling for a targeted e-mail virus and phishing attack.
The firm has reached its one million subscriber mark, and this comes at a time when more businesses are evaluating online services as an alternative to desktop-bound applications.
"Dear Salesforce.com Customer,
It's time to take more action to prevent phishing. For salesforce.com, that means alerting our customers to specific new threats, raising awareness around the issue, educating administrators about key steps they can take today, and continuing to define, develop, and deploy the technologies that deliver customer security and success. In this note, we'll clarify recent issues and outline what our customers can do to increase security.
Phishing and Salesforce.com
Phishing and malware are Internet scams on the rise. As salesforce.com's community approaches one million subscribers, it has become an increasingly appealing target for phishers. In fact, we have seen a rise in phishing attempts directed at salesforce.com customers over the past few months.
When we first saw signs of this sudden rise, we conducted a thorough analysis. We learned that a salesforce.com employee had been the victim of a phishing scam that allowed a salesforce.com customer contact list to be copied.
To be clear, a phisher tricked someone into disclosing a password, but this intrusion did not stem from a security flaw in our application or database. Information in the contact list included first and last names, company names, email addresses, telephone numbers of salesforce.com customers, and related administrative data belonging to salesforce.com. As a result of this, a small number of our customers began receiving bogus emails that looked like salesforce.com invoices, but were not—they were also phishes. Unfortunately, a very small number of our customers who were contacted had end users that revealed their passwords to the phisher. Our support and security teams have been working with the small group of affected customers to enhance their security and with law enforcement authorities and industry experts in an effort to trace what occurred and prevent further attempts.
However, a few days ago a new wave of phishing attempts that included attached malware—software that secretly installs viruses or key loggers—appeared and seemed to be targeted at a broader group of customers. That's why we warned our system administrators last week of this new, more malicious phish and why we are sending this letter now with the goal of increasing awareness."
Computerworld pointed to a new trend in phishing and spamming where, just like Navy SEALs in wars, criminals are recruiting virtual snipers to bring down top people within large organisations - that includes board members, chief officers and other people of high status.
These hit men use sophisticated approaches to gain access to confidential data and the break-in at Salesforce.com was just one of the ways to get their hands on a list of highly sensitive data.