{"id":38181,"date":"2025-08-01T13:17:10","date_gmt":"2025-08-01T13:17:10","guid":{"rendered":"https:\/\/www.newsbeep.com\/uk\/38181\/"},"modified":"2025-08-01T13:17:10","modified_gmt":"2025-08-01T13:17:10","slug":"do-not-reset-your-password-fbi-issues-critical-new-warning","status":"publish","type":"post","link":"https:\/\/www.newsbeep.com\/uk\/38181\/","title":{"rendered":"Do Not Reset Your Password \u2014 FBI Issues Critical New Warning"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/www.newsbeep.com\/uk\/wp-content\/uploads\/2025\/08\/1754054230_221_960x0.jpg\" alt=\"Federal Bureau of Investigation (FBI) logo is seen displayed on a smartphone screen. \" data-height=\"1949\" data-width=\"2925\" style=\"position:absolute;top:0\"\/><\/p>\n<p>FBI updates Scattered Spider warning \u2014 do not reset your password.<\/p>\n<p>SOPA Images\/LightRocket via Getty Images<\/p>\n<p>Update, August 1, 2025: This story, originally published on July 31, has been updated with another warning from the FBI regarding a new cyberattack. Do not reset your passwords, the FBI said, and it has now added advice on how to avoid being caught by a code-scanning threat campaign. <\/p>\n<p><a class=\"color-link\" href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/07\/05\/fbi-confirms-2fa-bypass-warning---now-stop-using-these-passwords\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/07\/05\/fbi-confirms-2fa-bypass-warning---now-stop-using-these-passwords\/\" target=\"_self\" aria-label=\"Scattered Spider\" rel=\"nofollow noopener\">Scattered Spider<\/a> is the somewhat too cutesy name applied to one of the most dangerous threats facing organizations today. 
The ransomware threat actors behind devastating attacks on <a class=\"color-link\" href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/06\/30\/fbi-warning-issued-as-2fa-bypass-attacks-surge---act-now\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/06\/30\/fbi-warning-issued-as-2fa-bypass-attacks-surge---act-now\/\" target=\"_self\" aria-label=\"retail\" rel=\"nofollow noopener\">retail<\/a> and <a class=\"color-link\" href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/07\/04\/fbi-2fa-bypass-warning-issued---the-attacks-have-started\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/07\/04\/fbi-2fa-bypass-warning-issued---the-attacks-have-started\/\" target=\"_self\" aria-label=\"aviation\" rel=\"nofollow noopener\">aviation<\/a> targets, among others, show no signs of going away. The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency have now updated a joint cybersecurity advisory with a critical new warning: don\u2019t reset your passwords. 
Here\u2019s what you need to know about the latest FBI warning and the ongoing Scattered Spider threat.<\/p>\n<p>The FBI Password Reset Warning \u2014 Why It Makes Sense<\/p>\n<p>At first glance, being told not to reset your password in the face of an attack that compromises passwords appears somewhat counterintuitive, to say the least. After all, Google has been advising Gmail users to <a class=\"color-link\" href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/07\/30\/gmail-warns-25-billion-users---update-accounts-now-as-attacks-surge\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/daveywinder\/2025\/07\/30\/gmail-warns-25-billion-users---update-accounts-now-as-attacks-surge\/\" target=\"_self\" aria-label=\"change their passwords\" rel=\"nofollow noopener\">change their passwords<\/a>, along with other cybersecurity warnings recommending the same, for the longest time now. But, as with most everything cyber, context is critical. Changing a password to prevent an attack, as in the advice to switch to a more secure technology such as passkeys, makes sense. Not using weak or previously compromised passwords, ditto. 
But this advice is different; it addresses the specific methodology employed by the Scattered Spider group in attacks.<\/p>\n<p>The July 29 update to the FBI and CISA cybersecurity advisory, <a class=\"color-link\" href=\"https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa23-320a\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-ga-track=\"ExternalLink:https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa23-320a\" aria-label=\"alert code AA23-320A\">alert code AA23-320A<\/a>, warns that Scattered Spider has \u201cposed as employees to convince IT and\/or helpdesk staff to provide sensitive information, reset the employee\u2019s password, and transfer the employee\u2019s MFA to a device they control on separate devices.\u201d<\/p>\n<p>Scattered Spider is using \u201clayered social engineering techniques,\u201d the FBI warned, often comprising multiple calls and contacts. These are made to ascertain the steps required to conduct password reset requests from support staff. \u201cOnce that information is identified,\u201d the FBI said, \u201cthe threat actors continue to conduct phone calls to employees and help desks to gather password reset-specific information of a targeted employee.\u201d This all culminates in a highly-targeted spearphishing call to the help desk in question to convince staff to \u201creset passwords and\/or transfer MFA tokens.\u201d<\/p>\n<p>The FBI recommended that organizations use phishing-resistant multifactor authentication for all services and accounts that access critical systems. 
\u201cOrganizations should continue to perform diligent employee training against vishing and spearphishing,\u201d the alert said, and advised that <a class=\"color-link\" href=\"https:\/\/www.ncsc.gov.uk\/blog-post\/incidents-impacting-retailers\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-ga-track=\"ExternalLink:https:\/\/www.ncsc.gov.uk\/blog-post\/incidents-impacting-retailers\" aria-label=\"updated mitigation recommendations\">updated mitigation recommendations<\/a> from the U.K. National Cyber Security Centre be followed, including to \u201creview helpdesk password reset processes, including how the helpdesk authenticates staff members credentials before resetting passwords, especially those with escalated privileges.\u201d<\/p>\n<p>Do Not Scan These Codes \u2014 The FBI Has Warned<\/p>\n<p>Critical FBI cybersecurity warnings are starting to be a little like London buses: you wait a while, and then a whole bunch turn up at once. 
Just days after the FBI issued the Scattered Spider cybersecurity alert update, the Bureau has now published <a class=\"color-link\" href=\"https:\/\/www.ic3.gov\/PSA\/2025\/PSA250731\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" data-ga-track=\"ExternalLink:https:\/\/www.ic3.gov\/PSA\/2025\/PSA250731\" aria-label=\"alert number I-073125-PSA\">alert number I-073125-PSA<\/a> warning the public of a new twist to an old threat: the brushing scam.<\/p>\n<p>Brushing scams involve vendors fraudulently increasing their product ratings online by sending unsolicited items to unsuspecting recipients and using their information to post positive reviews. This latest scam, the FBI has warned, operates along a similar theme but is now using QR codes on such packages as a means to facilitate financial fraud.<\/p>\n<p>The packages contain a QR code that \u201cprompts the recipient to provide personal and financial information or unwittingly download malicious software that steals data from their phone,\u201d the FBI said. Such parcels are often sent without any information as to their origin as a means to encourage recipients to scan the malicious code.<\/p>\n<p>If you receive an unexpected package from an unknown sender, the FBI advises that you should not scan any QR codes contained within it or on the packaging itself. 
The FBI requests that the public report these fraudulent or suspicious activities to the FBI IC3 at www.ic3.gov.<\/p>\n","protected":false},"excerpt":{"rendered":"FBI updates Scattered Spider warning \u2014 do not reset your password. SOPA Images\/LightRocket via Getty Images Update, August&hellip;\n","protected":false},"author":2,"featured_media":38182,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[84,16219,22219,22217,22220,22215,22218,22216,59,11181,2477,56,54,55],"class_list":{"0":"post-38181","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"tag-business","9":"tag-cisa","10":"tag-cisa-warning","11":"tag-fbi-advice","12":"tag-fbi-cybersecurity-advisory","13":"tag-fbi-password","14":"tag-fbi-password-warning","15":"tag-fby-cybersecurity-warning","16":"tag-gb","17":"tag-ransomware","18":"tag-scattered-spider","19":"tag-uk","20":"tag-united-kingdom","21":"tag-unitedkingdom"},"_links":{"self":[{"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/posts\/38181","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\
/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/comments?post=38181"}],"version-history":[{"count":0,"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/posts\/38181\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/media\/38182"}],"wp:attachment":[{"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/media?parent=38181"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/categories?post=38181"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/tags?post=38181"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}