Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms
Briefly

Scattered Spider, a notorious cybercrime group, has shifted its attention from U.K. and U.S. retailers to major insurance companies, highlighting a change in attack strategy. According to the Google Threat Intelligence Group, organizations in the insurance sector must be vigilant against social engineering tactics used by the group. Known for its advanced impersonation and deception techniques, Scattered Spider has a history of targeting large enterprises, especially those with extensive help desks and outsourced IT services. Its alliance with the DragonForce ransomware cartel raises further concerns about coordinated attacks on managed service providers.
We are now seeing incidents in the insurance industry. Given this actor's history of focusing on a sector at a time, the insurance industry should be on high alert, especially for social engineering schemes which target their help desks and call centers.
The group has repeatedly demonstrated its ability to impersonate employees, deceive IT support teams, and bypass multi-factor authentication (MFA) through cunning psychological tactics.
Often described as 'native English speakers,' they are suspected to operate in or have ties to Western countries, bringing a cultural fluency that makes their phishing and phone-based attacks alarmingly effective.
Earlier this month, ReliaQuest revealed that Scattered Spider and DragonForce are increasingly targeting managed service providers (MSPs) and IT contractors to obtain access to several downstream customers through a single compromise.
Read at The Hacker News