JOURNAL ARTICLE

Threat cluster launches extortion campaign using social engineering.

  • Published In: Cybersecurity Dive, 2026. P. N.PAG 1 of 3

  • Database: Business Source Ultimate 2 of 3

  • Authored By: Jones, David 3 of 3

Abstract

The article focuses on a social engineering campaign by the financially motivated threat cluster UNC6783, which targets business process outsourcers and support staff to extort payments from dozens of organizations across various industries. The attackers use phishing techniques, including malicious Okta login pages and phishing kits that bypass multifactor authentication, to gain persistent access to targeted environments. They also employ fake security software to install remote access malware and send ransom notes via Proton email accounts. Researchers recommend implementing phishing-resistant multifactor authentication and blocking unauthorized domains to mitigate these threats. [Extracted from the article]

Additional Information

  • Source:Cybersecurity Dive. 2026/04, pN.PAG
  • Document Type:Article
  • Subject Area:Political Science
  • Publication Date:2026
  • Accession Number:192933856
  • Copyright Statement:Copyright of Cybersecurity Dive is the property of Industry Dive and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Looking to go deeper into this topic? Look for more articles on EBSCOhost.