Google is monitoring a criminal group that uses voice phishing to trick Salesforce users. Data theft is followed by blackmail. A criminal group that Google's Threat Intelligence Group (GTIG) calls ...

The Data Loader app itself is real and is used to import, export, or change Salesforce records by connecting to the internal database. But the version at the web page is a modified one that's ...

Salesforce warned customers of voice phishing, or "vishing," attacks and of hackers abusing malicious, modified versions of Data Loader in a March 2025 blog post.

According to Google, attackers impersonate IT support on live calls, directing users to approve unauthorised Data Loader apps via Salesforce's connected app interface. These apps, often disguised ...

Hackers are tricking employees at companies in Europe and the Americas into installing a modified version of a Salesforce-related app, allowing the hackers to steal reams of data, gain access to ...

Google’s Threat Intelligence Group says a vishing threat called UNC6040 has been targeting Salesforce applications with a fake data loader.

Early warning from Salesforce Salesforce warned of the threat of a "malicious connected app" in March. "In some cases, we have observed that the malicious connected app is a modified version of the ...

Hackers are tricking employees at companies in Europe and the Americas into installing a modified version of a Salesforce-related app, allowing the hackers to steal reams of data, gain access to ...

A hacking group has been impersonating IT personnel to break into companies’ Salesforce tools, using the access for data theft and extortion, according to a new report from Google’s threat ...

Hackers abuse modified Salesforce app to steal data, extort companies, Google says Stock Markets Published 06/04/2025, 10:13 AM Updated 06/04/2025, 10:26 AM ...