A few months ago, we wrote about a Slack-based attack making waves. In the attack, hackers utilized a Slack redirect to bypass Microsoft SafeLinks. It looks like this:
This was able to bypass SafeLinks and bring the user to a fake Microsoft login page that would steal their credentials.
And now, since we first wrote it, a few months have passed and this type of attack is still happening.
And the reason that Slack is top of mind for hackers is that it was just acquired by Salesforce.
The deal promises to deeply integrate Slack into everything Salesforce does. That means more users, more data, more files—and more opportunity for hackers.
It's as good a time as any to make sure your Slack—and all the data held there—are properly protected.