Security Advisory: Protect Your Salesforce Environment from Social Engineering Threats

As social engineering and phishing threats continue to rise, our top priority is to help customers strengthen their security posture. We encourage all customers to review our blog post (https://www.salesforce.com/blog/protect-against-social-engineering/) on key platform features and best practices, including enabling multi-factor authentication (MFA), enforcing the principle of least privilege, and carefully managing connected applications. The post also includes links to additional resources to help organizations protect their Salesforce environments. Importantly, the Salesforce platform has not been compromised, and this issue is not due to any known vulnerability in our technology. We know how disruptive and stressful these incidents can be, and our teams are fully engaged to support affected customers and help minimize any impact. If you have questions about your Salesforce security settings or need support, please reach out to Salesforce Support via the Help portal. We will continue to update this post and communicate proactively to help customers understand how to best protect their Salesforce environments.