Pink is the latest goon squad to use fake helpdesk calls to steal creds
Summary
A new threat group called Pink is employing a tactic similar to the Lapsus$ group by using fake helpdesk calls to trick employees into revealing their login credentials. This social engineering technique aims to gain access to corporate networks.
IFF Assessment
FOE
This tactic represents a common and effective social engineering attack that defenders must actively guard against, making it bad news for cybersecurity professionals.
Defender Context
Organizations should reinforce employee training on identifying and reporting suspicious helpdesk calls and phishing attempts. Multi-factor authentication should be mandated wherever possible to mitigate the impact of credential compromise.