Attackers were recently spotted exploiting a zero-day flaw in Salesforce’s email and SMTP services in a sophisticated phishing campaign aimed at stealing credentials from Facebook users. Guardio researchers detected cyberattackers sending targeted phishing emails with @salesforce.com addresses using the legitimate Salesforce infrastructure.
Source: Dark Reading: Cloud