Salesforce.com Admits Phishing Hit

The company admits that phishers hit customer database.

It was with a lot of egg on their corporate faces that Salesforce.com sent out a letter to customers, explaining that an employee had fallen for a phishingscam, and as a result its customer database had been breached.   Among the information stolen were customer names, company names, e-mail addresses and phone numbers. Salesforce, which is acompany that deals with customer relationship management, has around one million subscribers.   Salesforce warned its customers to beware of targeted mails, which could include bogus invoices,viruses and key loggers. Evidently the company has found a second wave of fake e-mails to customers that include malware.   "However, a few days ago a new wave of phishing attempts thatincluded attached malware — software that secretly installs viruses or key loggers — appeared and seemed to be targeted at a broader group of customers," the company said in a statement."That’s why we warned our system administrators last week of this new, more malicious phish and why we are sending this letter now with the goal of increasing awareness."