What is PhishForce, that is effecting Salesforce Customers?

As the digital landscape continues to expand, so do the tactics employed by cybercriminals. In a recent discovery by security researchers at Guardio Labs, a new and sophisticated email phishing campaign named “PhishForce” has been identified, posing a significant threat to Salesforce Inc. customers. This article sheds light on the intricacies of this exploit, focusing on the use of domain name spoofing to deceive recipients and offers insights on how businesses and individuals can protect themselves from such attacks.

The Unpatched Exploit that Targets Salesforce Customers:

PhishForce, the name given to this insidious phishing campaign, leverages a cunning combination of techniques to avoid detection by both Salesforce and Facebook’s security measures. By exploiting an unpatched vulnerability, cybercriminals launch targeted email attacks aimed at unsuspecting Salesforce customers, manipulating their perception of legitimacy through domain spoofing.

Spoofing Email Servers and Domains: A Crafty Deception:

In this campaign, attackers skillfully forge email headers to make it appear as if the messages originate from trusted sources like Salesforce. However, in reality, the emails are cleverly disguised, showing Meta Platforms Inc. (parent company of Facebook) as the sender. The attackers are banking on the trust users place in these reputable names to lure them into a false sense of security.

An Inside Look into Phishing Emails:

A critical element of the PhishForce campaign is the deceptive content within the emails. The attackers incorporate a big blue button, seemingly labeled “Request a Review,” to entice users into taking action. However, rather than initiating a review process, clicking on the button redirects users to a malicious phishing page that aims to compromise their Facebook account credentials.

The Art of Clever Deception:

PhishForce takes advantage of legitimate links and email addresses to maintain a façade of authenticity. By hiding within trusted mail gateways, these malicious emails can bypass conventional protective shields and evade spam filters, making it even harder for users to detect the threat lurking beneath the surface.

Abusing Trouble-Ticketing System for Exploitation:

One of the most intriguing aspects of this attack is the ingenious use of Salesforce’s trouble-ticketing system. By sending the phishing emails instead of receiving them, the attackers managed to exploit a role reversal that played a pivotal role in the success of the entire campaign.

A Proactive Response to Phishing Threats:

Despite the complexity of PhishForce, the collaborative efforts of Guardio Labs, Salesforce, and Facebook resulted in a swift and efficient response to the threat. Salesforce’s security team was effective and responsive, taking immediate action to fix the vulnerability and protect their customers.


As the battle against phishing continues, it is crucial for individuals and businesses to stay vigilant and informed. Phishing attacks like PhishForce underscore the importance of scrutinizing email content, checking for anomalies, and never assuming an email is safe merely because it originates from a reputable domain.

For domain name enthusiasts, understanding the intricacies of domain spoofing and how it can be weaponized in phishing campaigns is essential to bolstering cybersecurity. By staying informed and adopting proactive measures, we can collectively work towards safeguarding our digital domains from the persistent threats of cybercrime.


  1. […] Source : Domain Magazine | Read More […]

  2. PhishForce is a dangerous phishing campaign using domain spoofing to target Salesforce customers. Stay alert and informed to protect against such cyber threats.

  3. Emma Thomas Avatar
    Emma Thomas

    PhishForce is a phishing campaign that targets Salesforce customers. It uses domain name spoofing to deceive recipients into believing that the emails are legitimate. This could allow attackers to gain access to sensitive data or take control of Salesforce accounts.

    To protect yourself from PhishForce, be suspicious of emails that appear to be from Salesforce, especially if they ask for personal information. Never click on links in emails from unknown senders. Hover over links to see their actual destination before clicking on them. Use strong passwords and enable two-factor authentication for your online accounts. Keep your software up to date with the latest security patches.

  4. Richard Wilson Avatar
    Richard Wilson

    In the ongoing fight against phishing, individuals and businesses must remain alert and informed. Recent incidents like PhishForce highlight the need to carefully examine email content, detect anomalies, and not blindly trust reputable domains. For domain enthusiasts, grasping domain spoofing’s nuances and its role in phishing is vital for cybersecurity. Through knowledge and proactive steps, we can protect our digital domains against cyber threats.

  5. John Will Avatar
    John Will

    New phishing threat targets Salesforce users. Stay vigilant against email scams.”

  6. John Will Avatar
    John Will

    For ,domain enthusiasts, grasping domain spoofing’s nuances and its role in phishing is vital for cybersecurity. Through knowledge and proactive steps, we can protect our digital domains against cyber threats.

  7. David Blake Avatar
    David Blake

    PhishForce underscores the importance of proactive cybersecurity. Users must heighten awareness, implement multi-factor authentication, and stay updated on security best practices. Collaboration between Salesforce, users, and the cybersecurity community is crucial to fend off such threats. In this evolving digital landscape, staying vigilant is key to maintaining the security of Salesforce and its users.

  8. This article brings attention to the alarming rise of the “PhishForce” phishing campaign, targeting unsuspecting Salesforce customers. The utilization of domain name spoofing to deceive recipients emphasizes the need for heightened cybersecurity measures. It is vital for both businesses and individuals to stay vigilant and adopt effective strategies for protecting themselves against such malicious attacks.

  9. Olivia Schmidt Avatar
    Olivia Schmidt

    Staying vigilant against evolving phishing tactics is crucial. Recent attacks like PhishForce highlight the need to scrutinize emails, even from reputable domains. Understanding domain spoofing is key to bolstering cybersecurity. Let’s stay informed and proactive in protecting our digital domains against cyber threats.

  10. PhishForce is a dangerous phishing campaign that is targeting customers of Salesforce Inc. Cybercriminals are employing domain name spoofing to deceive recipients and gain access to sensitive information. This article highlights the severity of this exploit and provides valuable information on how businesses and individuals can safeguard themselves against such attacks. It is crucial for Salesforce users to remain vigilant and take proactive measures to protect their data and prevent falling victim to PhishForce.

Join the Discussion

Discover more from Domain Magazine

Subscribe now to keep reading and get access to the full archive.

Continue reading

Verified by ExactMetrics