The Bottom Line: Service desks are popular vectors for social engineering attacks because controls are weak and operational pressure on staff is high — a combination that demands training, process improvements, and technical controls.
Service desks are among the preferred attack points for cybercriminals seeking to gain access to enterprise systems through password resets and MFA changes. The function thus represents a significant security risk that is often underestimated.
Service desk employees are deliberately targeted by attackers who contact them under false pretenses to perform password resets or manipulate multi-factor authentication (MFA). These calls or requests often appear credible because attackers gather company information and deliberately create a sense of urgency or emergency.
The success rate of such social engineering remains high because service desk teams work under pressure and time constraints, are often inadequately trained, and have limited ability to verify the caller’s identity beyond doubt. Compounding this, genuine requests from employees who really are locked out can be hard to distinguish from fraud attempts.
CISOs must take a multi-layered approach. Comprehensive training for service desk personnel on social engineering tactics is necessary, along with strict identity verification protocols (such as callback procedures using internal company directories), policies for escalating sensitive requests, and technical controls that couple forced password resets to additional approval steps. Account segmentation based on sensitivity can limit damage in case of successful manipulation.
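The controls listed above (callback to a directory-listed number, escalation of sensitive requests, extra approval steps, and sensitivity-based account segmentation) can be enforced in the service desk workflow itself rather than left to an agent's judgment under pressure. The following Python example is added here to illustrate that; it is not code from the original article or from any vendor. The tier names, the required-step table, the directory entries and the phone numbers are all constructed assumptions. The key point it encodes: a callback only counts as verification if it went to the number on file, never to a number the caller supplied, and a claimed emergency does not reduce the required steps.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Dict, Optional, Set, Tuple


class Tier(Enum):
    """Assumed sensitivity tiers used for account segmentation."""
    STANDARD = 1
    SENSITIVE = 2
    PRIVILEGED = 3


# Constructed internal directory (assumed data): username -> (tier, phone on file).
# In practice this would be pulled from the HR/IdM system, never from the caller.
DIRECTORY: Dict[str, Tuple[Tier, str]] = {
    "jdoe": (Tier.STANDARD, "+1-555-0100"),
    "fin-asmith": (Tier.SENSITIVE, "+1-555-0101"),
    "adm-rlee": (Tier.PRIVILEGED, "+1-555-0102"),
}

# Assumed policy: which verification steps each tier needs before a reset or MFA change.
REQUIRED_STEPS: Dict[Tier, Set[str]] = {
    Tier.STANDARD: {"callback"},
    Tier.SENSITIVE: {"callback", "manager_approval"},
    Tier.PRIVILEGED: {"callback", "manager_approval", "security_approval"},
}


@dataclass
class ResetRequest:
    username: str
    # Number the agent actually dialled for the callback, if any.
    callback_number_used: Optional[str] = None
    # Approvals already recorded, e.g. {"manager_approval"} (hypothetical step names).
    approvals: Set[str] = field(default_factory=set)
    # Whether the caller claimed an emergency; logged, but never lowers requirements.
    urgency_claimed: bool = False


@dataclass
class Decision:
    allowed: bool
    reason: str
    missing_steps: Set[str] = field(default_factory=set)


def evaluate_reset(req: ResetRequest, directory: Dict[str, Tuple[Tier, str]] = DIRECTORY) -> Decision:
    """Decide whether a password reset / MFA change may proceed under the assumed policy."""
    entry = directory.get(req.username)
    if entry is None:
        # Unknown accounts are escalated, not created or reset on the spot.
        return Decision(False, "unknown account: escalate, do not reset")

    tier, phone_on_file = entry
    completed = set(req.approvals)

    # A callback counts only when it went to the directory number. A number the
    # caller offers ("call me back on my mobile") is exactly what an attacker controls.
    if req.callback_number_used is not None and req.callback_number_used == phone_on_file:
        completed.add("callback")

    missing = REQUIRED_STEPS[tier] - completed
    note = " (urgency claimed; requirements unchanged)" if req.urgency_claimed else ""
    if missing:
        return Decision(False, f"{tier.name} account: verification incomplete{note}", missing)
    return Decision(True, f"{tier.name} account: all required steps completed{note}")


if __name__ == "__main__":
    # Constructed sample requests.
    for r in (
        ResetRequest("jdoe", callback_number_used="+1-555-0100"),
        ResetRequest("jdoe", callback_number_used="+1-555-0999", urgency_claimed=True),
        ResetRequest("adm-rlee", callback_number_used="+1-555-0102", approvals={"manager_approval"}),
        ResetRequest("ghost"),
    ):
        d = evaluate_reset(r)
        print(r.username, "->", "ALLOW" if d.allowed else "DENY", "|", d.reason, "| missing:", sorted(d.missing_steps))
```

The decision object carries the list of missing steps so the agent sees what still has to happen (and the ticket records it) instead of deciding under pressure whether the caller "sounds legitimate". Every evaluation, including denials and urgency claims, is worth logging as a detection signal: repeated denied resets against privileged accounts are a useful indicator of a social engineering campaign in progress.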
Source: www.bleepingcomputer.com · Published 24 June 2026
Lumi AI News — AI-assisted curation under Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.