Attackers weaponize workplace communication to install remote access tools

An ongoing phishing campaign is targeting organizations across multiple industries, usingsophisticated social engineering tactics to convincingly impersonate well-knownvideoconferencing platforms and deploy ConnectWise ScreenConnect for unauthorized remoteaccess. The research from Abnormal Intelligence reveals that unlike traditional credential-harvesting attacks that steal login information, this campaign deceives targets into downloading legitimate remote monitoring and management (RMM) software, granting cybercriminals complete control over end-user devices. The attackers are employing advanced deception techniques built around impersonations and familiar business contexts, effectively creating workflows that align with end-user expectations. Specific tactics observed include the utilization of compromised legitimate email accounts, AI-generated phishing components, and strategic URL… [Continue Reading]