You've likely seen the headlines about Scattered Spider, a threat actor that’s been targeting retailers and other industries with surprisingly simple tactics. Instead of using high-tech exploits, they rely on social engineering, convincing employees to reset passwords, disable MFA, or share access. In other words, they’re not exploiting technology—they’re exploiting trust.
That’s why people, not just systems, are critical to our defense. At SailPoint, we built custom training for our help desk teams, since attackers often target frontline staff with access to critical systems. We know not every organization has time to create training from scratch, so we’ve made our module available for free to the community. You can download it here and use the file with any SCORM-compatible LMS.
Scattered Spider stands out because their members include native English speakers who know Western workplace norms inside and out. That makes their impersonations (as IT, employees, or contractors) harder to spot, and their attacks harder to defend against without awareness training.
This isn’t about fancy malware or advanced nation-state operations; it’s about human vulnerability, and the best way to fight back is to prepare our people. We hope this training helps you do just that.
Download the module
