For this attack to work: 1). Dave ignores security training and clicks a link, then happily enters login credentials into a 3rd party website. 2). Eve ignores security training twice, enabling macros and active content in Excel. 3). Eve has Python on her computer -- she might be a hacker herself :-) Doesn't Salesforce itself alert the IT department of failed login attempts? :-) Any corporate/financial/mission-critical system should throttle/disable further logins after 5-10 attempts until the support/admin gets involved.
For this attack to work:
1). Dave ignores security training and clicks a link, then happily enters login credentials into a 3rd party website.
2). Eve ignores security training twice, enabling macros and active content in Excel.
3). Eve has Python on her computer -- she might be a hacker herself :-)
Doesn't Salesforce itself alert the IT department of failed login attempts? :-) Any corporate/financial/mission-critical system should throttle/disable further logins after 5-10 attempts until the support/admin gets involved.
good point. however top attacks in 2021 are made with powershell that is bundled with windows.
This requires the Netskope agent correct?