What Salesforce Organizations Need To Know About The Growing Vishing Threat From UNC6040
Varonis, Friday, August 1st, 2025
Learn about the vishing threat from UNC6040 targeting Salesforce environments and how to protect your organization from data breaches and extortion.
Google's Threat Intelligence Group (GTIG) has uncovered a financially motivated threat cluster, UNC6040, that specializes in voice phishing (vishing) campaigns targeting Salesforce environments.
These attacks are designed to steal sensitive data and extort organizations - posing a serious risk to any business that relies on Salesforce as a central hub for customer, sales, and operational data, which is an an attractive target for attackers like UNC6040.
A successful breach could result in data loss, regulatory consequences, reputational damage, and financial extortion. Understanding and defending against vishing threats is critical to safeguarding the integrity of Salesforce environments and maintaining trust with clients, partners, and stakeholders.