SaaS Abuse at Scale: Phone-Based Scam Campaign Leveraging Trusted Platforms
Overview This report documents a large-scale phishing campaign in which attackers abused legitimate software-as-a-service (SaaS) platforms to deliver phone-based scam lures that appeared authentic and trustworthy. Rather than spoofing domains or compromising services, the attackers deliberately misused native platform functionality to generate and distribute emails that closely resembled routine service notifications, inheriting the trust, reputation, and authentication posture of well-known SaaS providers. The campaign generated approximately 133,260 phishing emails, impacting 20,049 organizations. It is part of a broader and rapidly escalating trend in which attackers weaponize trusted brands and native cloud workflows to maximize delivery, credibility, and reach. Observed brands […]
The post SaaS Abuse at Scale: Phone-Based Scam Campaign Leveraging Trusted Platforms appeared first on Check Point Blog.
目录
最新
- Introducing CPR Act: A Unified Approach for a Full‑Lifecycle Security
- Powering Cyber Resilience Across APAC: Celebrating Check Point’s APAC FY25 Partner Award Winners
- The Whitelist Illusion – When Your Trusted List Becomes a Billion Dollar Attack Path
- Silver Dragon: China Nexus Cyber Espionage Group Targeting Governments in Asia and Europe
- How Threat Intelligence and Multi-Source Data Drive Smarter Vulnerability Prioritization
- What Defenders Need to Know about Iran’s Cyber Capabilities
- National Cyber Resilience in the AI Era
- Check Point Researchers Expose Critical Claude Code Flaws