The Helpdesk Hustle: How Scattered Spider Cons Its Way Inside

adarma_logo_twgt-black[11615449]

industries

Engineering & Manufacturing

Engineering & Manufacturing

We safeguard operations, IP and human safety
Retail & E-Commerce

Retail & E-Commerce

We defend customer trust and keep your systems resilient
Transport & Aviation

Transport & Aviation

We build resilience in high-stakes environments

Financial Services & Insurance

Financial Services & Insurance

We help you stay secure, compliant and ahead of threats
Technology & Payments

Technology & Payments

We protect customer data and safeguard your reputation
Utilities: Water & Energy

Utilities: Water & Energy

We help reduce cyber risk and stay compliant

Featured Insight

Cyber Hub

Cyber Hub

Discover the latest threat intelligence

Case Studies

FTSE 100 Insurance Group

FTSE 100 Insurance Group

Strengthening cyber defences with MDR, EDR and CTI
FTSE 250 Luxury Retailer

FTSE 250 Luxury Retailer

Complex SIEM migration and service transition
Global Cosmetics Retailer

Global Cosmetics Retailer

24/7 threat detection and response on Microsoft
Global Engineering Company

Global Engineering Company

Ransomware incident response and SOC transformation

High Street Footwear Retailer

High Street Footwear Retailer

Optimised SIEM platform and MITRE ATT&CK coverage
Leading Online Technology Platform

Leading Online Technology Platform

Cloud migration and SOC transformation
Leading UK Insurance Provider

Leading UK Insurance Provider

Securing 300+ applications with custom SIEM and SOC services
Major European Airline

Major European Airline

Maturing security operations with a comprehensive MSOC

Prominent UK High Street Bank

Prominent UK High Street Bank

Migration and optimisation of multiple Splunk deployments
Top 5 UK Retail Bank

Top 5 UK Retail Bank

Award-winning threat-led managed SOC services
UK Water Services Provider

UK Water Services Provider

Integrated SOC and OT Security for enhanced visibility

We are Adarma

We are Adarma

Your partner for effective cyber threat management

ESG

ESG

Enabling a safer and more sustainable digital future

Our Partners

Our Partners

Working in partnership to make the world a safer place

Careers

Careers

Become a Cyber Defender

Insights

Cyber Hub

Cyber Hub

Discover all the latest insights
News & Blog

News & Blog

Read all the latest news from our experts
Cyber Insiders

Cyber Insiders

Listen to our Cyber Insiders podcast and read the magazine
Events

Events

Connect with our experts

SIEM Transformation

SIEM Transformation

Maximise the value of your security investments
Incident Preparedness

Incident Preparedness

Critical steps to minimise the impact of a cyber incident
Future-ready SOC Report

Future-ready SOC Report

Staying adaptable and agile in the face of change

Featured Insight

Threat Advisory: Israel-Iran Conflict Rising Hacktivism and UK Exposure

Threat Advisory

Jun 2025

Threat Advisory: Israel-Iran Conflict Rising Hacktivism and UK Exposure

- Socket Platform
  The security operations platform powering your service

Industries

industries

Engineering & Manufacturing

Engineering & Manufacturing

We safeguard operations, IP and human safety
Retail & E-Commerce

Retail & E-Commerce

We defend customer trust and keep your systems resilient
Transport & Aviation

Transport & Aviation

We build resilience in high-stakes environments

Financial Services & Insurance

Financial Services & Insurance

We help you stay secure, compliant and ahead of threats
Technology & Payments

Technology & Payments

We protect customer data and safeguard your reputation
Utilities: Water & Energy

Utilities: Water & Energy

We help reduce cyber risk and stay compliant

Cyber Hub

Cyber Hub

Discover the latest threat intelligence

Case Studies

FTSE 100 Insurance Group

FTSE 100 Insurance Group

Strengthening cyber defences with MDR, EDR and CTI
FTSE 250 Luxury Retailer

FTSE 250 Luxury Retailer

Complex SIEM migration and service transition
Global Cosmetics Retailer

Global Cosmetics Retailer

24/7 threat detection and response on Microsoft
Global Engineering Company

Global Engineering Company

Ransomware incident response and SOC transformation

High Street Footwear Retailer

High Street Footwear Retailer

Optimised SIEM platform and MITRE ATT&CK coverage
Leading Online Technology Platform

Leading Online Technology Platform

Cloud migration and SOC transformation
Leading UK Insurance Provider

Leading UK Insurance Provider

Securing 300+ applications with custom SIEM and SOC services
Major European Airline

Major European Airline

Maturing security operations with a comprehensive MSOC

Prominent UK High Street Bank

Prominent UK High Street Bank

Migration and optimisation of multiple Splunk deployments
Top 5 UK Retail Bank

Top 5 UK Retail Bank

Award-winning threat-led managed SOC services
UK Water Services Provider

UK Water Services Provider

Integrated SOC and OT Security for enhanced visibility

About us

We are Adarma

We are Adarma

Your partner for effective cyber threat management

ESG

ESG

Enabling a safer and more sustainable digital future

Our Partners

Our Partners

Working in partnership to make the world a safer place

Careers

Careers

Become a Cyber Defender

Insights

Cyber Hub

Cyber Hub

Discover all the latest insights
News & Blog

News & Blog

Read all the latest news from our experts
Cyber Insiders

Cyber Insiders

Listen to our Cyber Insiders podcast and read the magazine
Events

Events

Connect with our experts

SIEM Transformation

SIEM Transformation

Maximise the value of your security investments
Incident Preparedness

Incident Preparedness

Critical steps to minimise the impact of a cyber incident
Future-ready SOC Report

Future-ready SOC Report

Staying adaptable and agile in the face of change

Threat Advisory: Israel-Iran Conflict Rising Hacktivism and UK Exposure

Threat Advisory: Israel-Iran Conflict Rising Hacktivism and UK Exposure

June 24, 2025
•
Threat Advisory

Back

PODCAST

Share:

Twitter
LinkedIn
Facebook

Scattered Spider has emerged as a prominent name associated with some of the most disruptive cyber incidents in recent years. From ransomware to data breaches, this loosely affiliated group of young, Western-based hackers is known for their speed, creativity, and bold targeting of major organisations, including high-profile attacks on MGM Resorts, Caesars Entertainment, and most recently UK retailer, Marks and Spencer.

In this episode of Cyber Insiders, Adarma’s Threat Lead, Cian Heasley, explores who Scattered Spider are, how they operate, and why they’ve become such a serious concern for the cybersecurity community.

<span data-mce-type="bookmark" style="display: inline-block; width: 0px; overflow: hidden; line-height: 0;" class="mce_SELRES_start"></span>

What’s covered:

The tools and social engineering techniques that set them apart

How they bypass traditional defences

Why many organisations remain vulnerable to these fast-moving attacks

What can be done to better detect, contain, and respond

We also discuss recent events, including how organisations are reacting, adapting, and learning from attacks believed to be linked to Scattered Spider.

Watch the full episode to get expert insight into one of today’s most talked-about threat actors and practical guidance on how to defend against them. We’ll also share how Adarma is proactively responding to recent Scattered Spider activity and helping protect large, complex organisations in high-risk sectors from similar threats.

Watch now on our YouTube channel or search Cyber Insiders on your podcast app to listen.

Here are some additional resources on threat intelligence for the retail sector:

Read More Blogs and News

Explore all

Cyber Insiders is a cybersecurity podcast by Adarma.

Podcast

May 2025

Retail Under Attack: What You Need to Know About DragonForce Ransomware

Report

May 2025

Retail Threat Landscape Report – A look back over threat activity in Q1, 2025

New blog imagery - Blog imagery (2)

Blog

May 2025

DragonForce Threat Profile: The Rising Ransomware Gang Targeting UK Retailers

Contact Us