This alert describes ongoing cyber threat activity involving social engineering techniques such as voice phishing, brand impersonation, credential harvesting, and abuse of help-desk processes to compromise enterprise SaaS environments. The attacks do not exploit software vulnerabilities but rely on manipulating human trust and identity processes to gain unauthorized access.
