"Ongoing Campaign Bombards Enterprises with Spam Emails and Phone Calls"

Rapid7 researchers have found a social engineering campaign that sends spam emails to enterprises to gain initial access for follow-on exploitation. The researchers reported that a threat actor floods a user's email with junk and calls to offer help to the user. The threat actor then prompts affected users to download Remote Monitoring and Management (RMM) software such as AnyDesk or run Microsoft's Quick Assist feature in order to set up a remote connection. Since late April 2024, the novel campaign has primarily sent newsletter sign-up confirmation emails from legitimate organizations to overwhelm email protection solutions. This article continues to discuss findings regarding the ongoing social engineering campaign.

THN reports "Ongoing Campaign Bombards Enterprises with Spam Emails and Phone Calls"

Submitted by grigby1

Submitted by Gregory Rigby on