"By specifically seeking female voices, the group likely aims to bypass the 'traditional' profiles of attackers that IT helpdesk staff may be trained to identify, thereby increasing the effectiveness of their impersonation efforts."
"SLSH is known for effective social engineering. Experts who have listened in on calls carried out by Scattered Spider, one of the groups that form the cybercrime triad, previously confirmed that its tactics are sophisticated and highly effective."
"The Telegram ads suggest that SLSH is looking for people to socially engineer IT helpdesk staff. This aligns with the group's typical MO of deceiving IT helpdesks into handing over credentials that attackers can use to gain access to an organization's network."
Scattered Lapsus$ Hunters (SLSH), a prolific cybercrime group, is actively recruiting women through Telegram to conduct social engineering attacks targeting IT helpdesk staff. The group offers payments between $500-$1,000 per call based on success rates and provides recruits with scripts to follow. SLSH's strategy exploits the fact that IT helpdesk personnel are typically trained to identify traditional attacker profiles, making female voices more effective at bypassing these defenses. The group's goal is to deceive helpdesk staff into revealing credentials that grant network access. Security experts recommend organizations enhance verification procedures through video calls and secondary internal checks while training helpdesks about these evolving tactics.
#social-engineering #cybercrime-recruitment #it-security-threats #scattered-lapsus-hunters #credential-theft
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]