
Avoiding Scattered Spider’s cyber web

  • By Frank Abagnale
  • November 5, 2024

One successful Gen AI attack on your service desk could destroy your business. Frank Abagnale tells how they did it in Las Vegas and how you can avoid being the next victim.

It’s September 2023 and at the iconic Las Vegas hotels Bellagio, Cosmopolitan and Mandalay Bay, guests are suddenly unable to use their key cards or are finding that room phones and TVs are not working. Lobby ATMs and casino slot machines are unavailable and long queues are forming in the restaurants, bars and checking desks as systems go down and electronic payments are rejected.

Resort staff are urgently resorting to pen, paper and cash while prospective customers can’t make online bookings. This chaos is not confined to Nevada but is happening at MGM resorts all over the US.

Just another temporary IT meltdown, right?

Wrong. This is a targeted attack and the group responsible, Scattered Spider, want a ransom paid to stop it.

I’m Frank Abagnale and I’ve been a fraud and cybersecurity advisor for the last 48 years, working closely with the FBI to train their agents, delivering thousands of seminars to corporations across the world and authoring several best-selling books. You may also recognise me as the inspiration for the 2002 Oscar-nominated Spielberg movie ‘Catch Me If You Can’.

So how did the hackers gain access to MGM resorts? Simple: they are believed to have called the service desk and impersonated an employee. It was that easy.

They would have accrued enough information to persuade the agent to help them out; maybe they pretended to be distressed, angry, or were just apologetic for being so dumb and causing all this fuss. It’s called social engineering, and I first used it as a teenager in the 1960s to get a new Pan Am pilot’s uniform over the phone to make me look more convincing when cashing dud checks at the bank.

While I had to use the NY phone book and some bravado to succeed, today’s criminals have a huge technical advantage which makes them a thousand times more dangerous.

As businesses have adopted robust security to protect both their digital front door and their back-end systems, the IT service desk is now the target of choice for attackers. Agents will be reliant on the caller having the right information and maybe having access to the registered phone for that employee to receive a security code.

However, phones can be hijacked and knowledge stolen. Once criminals have access to credentials, they perform an Account Takeover (ATO) and have free access to the company’s systems. They may steal confidential data or lock everything up and request a ransom in cryptocurrency to resolve.

Generative AI elevates the threat even further; with it, criminals can replicate voices, IDs and even real-time images of the targeted employee. If the caller sounds like the CEO and even looks like the CEO, are they going to deny them access?

Thankfully there is help at hand. I advise a company called Trusona Inc. who have pioneered an easy-to-use, Gen AI-resistant tool, ATO Protect, for service desk agents to know who is really on the other end of the line. And it’s equally applicable to finance, HR and other sensitive departments who may be the focus of an attack. Even better, there’s no complicated IT deployment required so it can be up and running – and protecting your company – in no time.

Olly Brough from Trusona will be at the ITSM24 Conference and Awards in Reading on 11-12th November 2024 and I encourage you to meet him and see how you could use Trusona to stop attackers targeting your service desk and avoid the chaos that MGM resorts experienced last year.

To conclude the MGM story, they were eventually able to recover control of their systems, but the attack cost them over $100M and caused their share price to dip nearly 5% – all from one fraudulent call to the IT help desk.

MGM could afford to take the hit. Could your business?

Frank Abagnale

Frank Abagnale is one of the world’s most respected authorities on forgery, embezzlement, secure documents, cybercrime, and scams. For over 48 years he has worked with, advised, and consulted with hundreds of financial institutions, corporations, and government agencies around the world.

Copyright © 2025 itSMF UK. All rights reserved.