Salesforce.com Warns Customers Of Phishing Scheme
November 8, 2007 by Jimson Lee
A Salesforce.com employee was tricked into disclosing a password, providing the phisher with information on a customer contact list.
Those were the headlines this week.
With Software on-demand on the rise, and the “All You Need is a Browser and an Internet connection” sales pitch, bad things can happen. Just remind yourself and your 9 year old daughter surfing the Internet unattended.
By now, we have all received emails coming from PayPal, eBay, and even major Banks asking you to log in and verify your account. If you don’t have a Citibank account asking for information, that smells like a “phish”. But what if you do?
What if your entire Sales database is “behind that browser” and you get that “security email” with the same look and feel interface? At first glance, it would be hard to detect it on the email.
Sure, both Firefox and IE7 has anti-phishing features. I’ll be giving some great tips on using Firefox in an upcoming article.
Here is the full article of the Salesforce.com employee being tricked into disclosing a password.
A Salesforce.com employee bit on the bait of a phisher, and now the Web-based CRM software provider is warning customers not to fall for the same cybercriminal tricks.
On its Trust.Salesforce.com Web site this week, Salesforce.com posted a “letter about security” to customers alerting them to be cautious of “phishing and malware scams on the Internet,” which are on “the rise.”In fact, the company revealed that a Salesforce.com employee had been a recent victim of a phishing scam that tricked the worker into disclosing a password, providing the phisher with information on a customer contact list. That contact list information included “first and last names, company names, e-mail addresses, and telephone numbers for Salesforce.com customers and related administrative data” belonging to Salesforce.com, according to the letter.
The letter, which was signed by Salesforce.com executive VP Parker Harris, also revealed that “a small number” of Salesforce.com customer users subsequently have become victims of a phishing — being fooled into disclosing passwords after receiving “bogus e-mails that looked like a Salesforce.com invoice but were not.”
In addition, “a few days ago, a new wave of phishing attempts that included attached malware — software that secretly installs viruses or key loggers — appeared and seemed to be targeted at a broader group of customers,” the company disclosed in the notice.
“That’s why we warned our system administrators last week of this new, more malicious phish and why we are sending this letter now with the goal of increasing awareness.”
Tagged:
CRM, customer, customers, data, information, news, on-demand, Sales, salesforce, salesforce.com, Security, software, system, web
Related Articles on CRM Help Desk Software.com
- Salesboom. com to End Phishing Attacks on CRM with Two Factor Authentication
- The Dangers of a Single, Multiple IM Client
- Data Breaches Set Record in 2007, Identity Theft to Increase in 2008
- Entellium CEO, CFO Charged with Wire Fraud
- On-Line Banking Theft, It’s Worse Than You Think
Recent Articles on CRM Help Desk Software.com
- SugarCRM Leaders to Present at OSCON Open Source Convention 2010
- GFI Software Enhances its Security Product Offering with the Acquisition of Sunbelt Software
- LiveTime achieves 11 Process ITIL v3 Certification for Cloud based ITSM Service Desk
- Microsoft Dynamics CRM 2011 Beta Coming in September
- Sugar 6: CRM Made Simple
- ERP.com Releases the ERP Software Selection Checklist Tool to Expedite the ERP Software Selection
- Home Shopping Giant Set To Cut Bad Debt By Up To 33% With KXEN Analytics
- Cordys to host leading BPM and Cloud Computing User Conference
- Confirmit Adds SMS Surveys for Wider Engagement and Instant Feedback
- Service Catalog Still Top of ITSM Agenda
Free Newsletter
Sign up for the free Daily newsletter, filled with tips and ideas on how to choose a proper CRM, Help Desk, Customer Support, or Enterprise Content Management software system. Your email address will be kept confidential and won't be shared. Easily unsubscribe at any time.
If you enjoy the free information available on this site, you're sure to enjoy the free newsletter as well:
Share and Enjoy:
Comments
One Response to “Salesforce.com Warns Customers Of Phishing Scheme”
Got something to say?
Complete List of CRM Vendors & Help Desk Vendors
Latest Headlines
- SugarCRM Leaders to Present at OSCON Open Source Convention 2010
- GFI Software Enhances its Security Product Offering with the Acquisition of Sunbelt Software
- LiveTime achieves 11 Process ITIL v3 Certification for Cloud based ITSM Service Desk
- Microsoft Dynamics CRM 2011 Beta Coming in September
- Sugar 6: CRM Made Simple
- ERP.com Releases the ERP Software Selection Checklist Tool to Expedite the ERP Software Selection
Wow.. Thats pretty crazy.. that does need to be secure if your using a web-based crm database. Security is a big factor… Actually suprised that that happened with SalesForce.com. I use http://www.salesnexus.com and actually work for them and we have procedures that prohibit scammers from retrieving any information from us for our clients. Good blog though..