Please take a moment to review this important cybersecurity update.
The Scattered Spider cybercriminal group has recently escalated its use of sophisticated social engineering tactics to breach enterprise systems. According to a new advisory from KnowBe4 and Mandiant, these attackers are targeting organizations with large help desk and outsourced IT functions—just like ours—by impersonating employees or IT staff to gain unauthorized access to systems.
Key tactics include:
- SMS phishing (smishing) and voice phishing (vishing) to trick users into revealing credentials or approving MFA prompts.
- Impersonation via Microsoft Teams or other collaboration tools, posing as internal IT support.
- MFA fatigue attacks: repeated push notifications meant to wear users down until they approve access.
- Use of legitimate-looking domain names and SSO login pages to harvest credentials.
What you can do:
- Never approve unexpected MFA prompts. Report them immediately.
- Be cautious of any messages—email, SMS, or chat—requesting password resets, MFA codes, or access to systems.
- Verify any unusual IT requests through official channels.
- Do not share credentials or MFA codes over Teams or email.
You can read the full article here: How to Protect Your Business from Scattered Spider’s Latest Attack Methods