Cloud communications company Twilio released a statement outlining an attack against their employees via SMS phishing, where the attackers pretended to be Twilio’s IT department. The attackers asked employees to click on a link via a text message, warning them that their password had expired. Employees believed they were resetting their password when they followed the link, but it allowed the threat actor to steal passwords instead. The attacker then used the stolen credentials to access a small amount of customer data. The compromised accounts have been suspended and customers have been notified.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.