The FBI and U.S. Cybersecurity and Infrastructure Security Agency are urging critical infrastructure organizations to implement mitigation techniques to thwart a cybercriminal group known as Scattered Spider that targets major companies and their IT help desks.

A joint advisory describes the hacking group, also known as Octo Tempest and UNC3944, as having expertise in social engineering that uses phishing, push bombing and other techniques to gain unauthorized access into the networks of commercial facilities that provide retail, entertainment and lodging services to the public (see: Meet Octo Tempest, ‘Most Dangerous Financial’ Hackers).