Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Phishing Exploits Salesforce’s Email

August 3, 2023
Reading Time: 1 min read
in Alerts
Phishing Exploits Salesforce’s Email

In a recent cybersecurity discovery, Guardio Labs researchers have unveiled a highly sophisticated phishing campaign targeting Facebook users, exploiting a previously unknown vulnerability in Salesforce’s email services.

This exploit enables threat actors to craft deceptive phishing messages using Salesforce’s domain, while the messages appear to come from Meta. The attackers aim to trick recipients into clicking on a link by falsely claiming their Facebook accounts are under investigation due to suspected impersonation.

What makes this attack particularly insidious is its intricate design, which leverages both the Salesforce vulnerability and legacy peculiarities in Facebook’s Web Games platform. By sending emails from a seemingly legitimate “@salesforce.com” domain address and masking them as communications from Meta, the attackers strategically evade conventional anti-phishing and anti-spam detection mechanisms.

The phishing emails guide victims to a fraudulent landing page hosted under the Facebook apps platform, utilizing the domain apps.facebook[.]com. The ultimate goal is to capture victims’ account credentials and two-factor authentication codes. This innovative approach allows the phishing kit to circumvent security measures and gain access to sensitive user information undetected.

Guardio Labs revealed that the attackers exploited Salesforce’s email services’ zero-day vulnerability, thereby underlining the potential risks and challenges posed by seemingly legitimate services being exploited for malicious purposes.

Reference:
  • “PhishForce” — Vulnerability Uncovered in Salesforce’s Email Services Exploited for Phishing Facebook Accounts In-The-Wild
Tags: August 2023Cyber AlertCyber Alerts 2023CyberattackCybersecurityEmail SecurityFacebookGuardio LabsMetaSalesforceVulnerabilities
ADVERTISEMENT

Related Posts

Facebook Scams Target Seniors With Malware

Android Spyware Poses As Signal And Totok

October 3, 2025
Facebook Scams Target Seniors With Malware

Facebook Scams Target Seniors With Malware

October 3, 2025
Facebook Scams Target Seniors With Malware

Chrome Update Fixes 21 Security Flaws

October 3, 2025
Smishing targets routers in Belgium 2025

Smishing targets routers in Belgium 2025

October 2, 2025
Smishing targets routers in Belgium 2025

Outlook Bug Causes Repeated Crashes

October 2, 2025
Smishing targets routers in Belgium 2025

MatrixPDF Toolkit Turns PDFs Into Lures

October 2, 2025

Latest Alerts

Facebook Scams Target Seniors With Malware

Android Spyware Poses As Signal And Totok

Chrome Update Fixes 21 Security Flaws

Outlook Bug Causes Repeated Crashes

Smishing targets routers in Belgium 2025

MatrixPDF Toolkit Turns PDFs Into Lures

Subscribe to our newsletter

    Latest Incidents

    Hackers Target Oracle Apps For Extortion

    Hospital Cyberattack Leaks Patient Data

    UK Renault Dacia Customer Data Stolen

    Allianz Life July Breach Hits 1.5M

    Dealership Software Breach Hits 766k

    Suffolk Website Down After Cyber-Attack

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial