Facebook
Britain's News Portal
Around The Clock
BREAKING
Loading latest headlines…

Pink cyber gang mimics Lapsus$ with fake helpdesk calls to steal credentials

A new cybercriminal group called Pink is using fake helpdesk calls to trick employees into handing over login credentials, reviving a tactic made infamous by the Lapsus$ gang. UK businesses face heightened risk as the group targets remote workers and IT helpdesks.

  • Pink uses social engineering calls impersonating IT support to steal credentials.
  • The tactic was popularised by the Lapsus$ crime group in 2022.
  • UK businesses, especially those with remote workers, are prime targets.
  • The ICO warns firms to strengthen verification processes for helpdesk calls.
  • The EU AI Act may influence how UK firms deploy AI to detect such attacks.

A new cybercriminal group known as Pink has adopted the notorious tactic of fake helpdesk calls to trick employees into revealing login credentials, according to cybersecurity researchers. The method, which was widely used by the chaotic Lapsus$ gang in 2022, involves impersonating IT support staff over the phone to persuade victims to share passwords or multi-factor authentication codes.

Pink is believed to target organisations with large remote workforces, where employees are accustomed to receiving IT assistance by phone. The group often researches its targets in advance, using publicly available information to make their calls appear legitimate. Once credentials are obtained, they can be used to breach corporate networks, steal data, or deploy ransomware.

For UK businesses, the resurgence of this tactic underscores the need for robust verification protocols. The Information Commissioner's Office (ICO) has previously advised firms to implement callback procedures and use unique verification phrases to confirm the identity of IT staff. Smaller businesses, which often lack dedicated cybersecurity teams, are particularly vulnerable.

The implications extend to the wider economy. A successful breach can lead to significant financial losses, regulatory fines under UK data protection law, and reputational damage. The government's Cyber Security Breaches Survey found that nearly a third of UK businesses reported a cyberattack in the past year, with social engineering attacks among the most common.

Experts warn that the rise of generative AI could make these calls even more convincing. Dr. Emma Whitfield, a cybersecurity researcher at the University of Bristol, said: 'AI voice cloning tools could allow groups like Pink to mimic the voices of real IT staff, making it harder for employees to spot the deception. UK firms must invest in staff training and technical controls now, before these attacks become more sophisticated.'

On the regulatory front, the EU AI Act's classification of AI-powered social engineering as 'high risk' may set a precedent for future UK rules. The ICO is expected to update its guidance on social engineering later this year, potentially requiring firms to report such incidents more promptly.

Why this matters: UK readers, especially those working remotely or in small businesses, are prime targets for fake helpdesk scams that can lead to identity theft, financial loss, or corporate data breaches.

What this means for you: What this means for you: If you work remotely or use an IT helpdesk, be wary of unsolicited calls asking for your password or security codes — always hang up and call back on a known number.

Related Articles

Get the news that matters.

Join thousands of readers getting the best of British news straight to their inbox.