Who do you call when tech troubles strike? Your service desk agents! They’re not just friendly tech whizzes; they step in to save you from confusion.
But Here’s the Twist
While these tech helpers are busy saving the day for us, they often face their own challenges and risks behind the scenes.
Recently, service desk security has made headlines due to a series of high-profile attacks by the notorious DragonForce ransomware group. These incidents have revealed just how vulnerable our tech heroes can be, and how quickly they can become victims themselves.
Recent Attacks on Service Desks
In April and May 2025, several large organizations fell prey to social engineering tactics employed by the cybercrime group Scattered Spider.
Why Do Hackers Target Service Desks?
To put it simply, it’s quicker and easier to manipulate a person than to carry out a more technical intrusion. Service desk teams are trained to solve problems quickly, and attackers exploit this urgency. They might pose as panicked executives or trusted vendors, weaponizing empathy and urgency to trick staff into bypassing protocols.
Reconnaissance: Attackers gather intel from public sources like LinkedIn profiles and social media.
Crafting Pretext: They create a believable story about being locked out and needing a password reset.
The Call: Timing is everything! They often call during busy times, using their native English skills to blend in.
Building Urgency & Trust: By name-dropping important clients or quoting ongoing projects, they create a sense of urgency.
Bypassing MFA: When asked for MFA confirmation, they claim they didn’t receive it, requesting a reset under the guise of “managerial approval.”
Credential Reset & Token Swap: The agent follows procedure, and the attacker gains immediate access to the organization’s environment.
Enforce Verification or Invite Breaches
Training and phishing simulations can help teams stay sharp, but the best defense is empowering your service desk agents with tools to enforce verification. Without rigorous identity checks, your service desk becomes a playground for attackers.
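One way a service desk tool could enforce that verification before a reset, shown as an added example rather than code from this article; the `ResetRequest` fields, the rules and the sample requests are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class ResetRequest:
    user: str
    wants_password_reset: bool
    wants_mfa_reset: bool
    callback_verified: bool        # agent rang the number on file and reached the user
    approval_source: str           # "none", "caller_claim" or "manager_in_ticket"
    urgency_claimed: bool = False  # caller pushed for speed (executive, client deadline)

def evaluate(req: ResetRequest):
    """Return (decision, reasons); decision is 'allow', 'escalate' or 'deny'."""
    reasons = []
    if not req.callback_verified:
        reasons.append("identity not confirmed by callback to the number on file")
    if req.wants_mfa_reset and req.approval_source != "manager_in_ticket":
        reasons.append("MFA reset needs approval recorded by the manager, not quoted by the caller")
    if reasons:
        if req.urgency_claimed:
            # Urgency never lowers the bar; with failed checks it is a signal to report.
            reasons.append("urgency plus failed checks: report the call to security")
        return "deny", reasons
    if req.wants_password_reset and req.wants_mfa_reset:
        # Resetting both factors in one call replaces every credential at once.
        return "escalate", ["password and MFA reset together: second agent must review"]
    return "allow", []

# Constructed sample requests (not real tickets).
SAMPLES = [
    ResetRequest("exec01", True, True, False, "caller_claim", urgency_claimed=True),
    ResetRequest("user02", True, False, True, "none"),
    ResetRequest("user03", True, True, True, "manager_in_ticket"),
]

if __name__ == "__main__":
    for s in SAMPLES:
        decision, why = evaluate(s)
        print(s.user, decision, why)
```

The first sample mirrors the call described above: no callback, approval only quoted by the caller, and pressure to hurry, so the gate denies it and the agent has a tool-backed reason to refuse.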
Remember, everybody in the tech space deserves protection just as much as they protect us!
Stay Vigilant! Stay Safe! Don’t be the weak link!