No DMs, No Mercy

Eran Goldman-Malka · January 23, 2026

The “hey, can you help me real quick?” culture undermines enterprise security by bypassing verified support processes. This informal DM approach to IT requests creates gaps that social engineers exploit.


IT Admin Meme

Attack Vectors in Action

Malicious actors impersonate users via compromised or spoofed accounts on Slack, Teams, or phone, requesting urgent password resets without formal verification. Real-world examples include the 2020 Twitter breach, where phone-based social engineering tricked help desk staff into granting server access, leading to hijacked celebrity accounts and DM data theft. Similarly, the 2023 MGM Resorts ransomware attack began with a vishing call to the service desk, crippling operations and costing millions.

Why Ticketing Systems Are Essential

Formal ticketing enforces audit trails, MFA verification, and manager approvals, which are key controls under ISO 27001 for logging actions and demonstrating compliance during audits. These systems create verifiable records of identity and actions, reducing social pressure and enabling metrics like response times for continuous improvement. Under NIS2 and DORA, they support incident reporting and third-party risk management by standardizing processes over ad-hoc favors.

Actionable Recommendations

  • Implement a “No Ticket, No Action” policy with automated bots redirecting DMs to the portal (e.g., ServiceNow or Jira integrations).
  • Train help desk staff to treat phrases like “I’m in a rush” as red flags, using simulated phishing for awareness.
  • Audit logs regularly for ISO 27001 evidence, integrating with a SIEM for behavioral visibility.
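As an added example (not code from the original post), here is a minimal “No Ticket, No Action” DM handler that ties the three recommendations together: it never performs the requested action, answers with the ticket portal link, flags the pressure phrases the post warns about, and emits a structured event a SIEM can ingest. The portal URL, red-flag list, action patterns and sample message are all constructed assumptions for illustration.

```python
import json
import re
from dataclasses import dataclass, field
PORTAL_URL = "https://portal.example.internal/new-ticket"  # assumed placeholder, not a real portal

# Pressure cues the post treats as red flags; an illustrative, constructed list.
RED_FLAGS = ["in a rush", "urgent", "asap", "right now", "real quick", "ceo", "locked out"]
# Requests that must never be fulfilled over DM, regardless of who appears to ask.
PRIVILEGED_ACTIONS = {
    "password reset": r"\b(reset|change)\b.*\bpassword\b",
    "mfa reset": r"\b(reset|remove|disable)\b.*\b(mfa|2fa|authenticator)\b",
    "access grant": r"\b(grant|give|add)\b.*\baccess\b",
}

@dataclass
class Verdict:
    action: str                      # matched privileged action, or "none"
    red_flags: list = field(default_factory=list)
    risk: str = "low"                # low / medium / high

def classify_dm(text):
    """Decide which privileged action a DM requests and which pressure cues it carries."""
    lowered = text.lower()
    action = next((name for name, pat in PRIVILEGED_ACTIONS.items()
                   if re.search(pat, lowered)), "none")
    flags = [f for f in RED_FLAGS if f in lowered]
    if action == "none":
        risk = "low"
    elif flags:
        risk = "high"   # privileged request plus social pressure: the vishing pattern described above
    else:
        risk = "medium"
    return Verdict(action, flags, risk)

def handle_dm(sender, text):
    """Policy: never act on a DM. Return the redirect reply and a SIEM-ready event dict."""
    v = classify_dm(text)
    if v.action == "none":
        reply = f"Help desk requests are handled only via tickets: {PORTAL_URL}"
    else:
        reply = (f"We do not perform a {v.action} over DM. Please file a ticket at "
                 f"{PORTAL_URL}; identity is verified there before any change is made.")
    event = {"source": "dm-redirect-bot", "sender": sender, "requested_action": v.action,
             "red_flags": v.red_flags, "risk": v.risk, "acted": False}
    return reply, event

if __name__ == "__main__":  # constructed sample DM, not a real message
    reply, event = handle_dm("U0123", "Hey, in a rush, can you reset my password real quick? CEO needs it.")
    print(reply)
    print(json.dumps(event, sort_keys=True))  # one JSON line per DM for SIEM ingestion
```

The `acted: False` field is deliberate: the bot's only job is to redirect and record, so every DM-borne request shows up in the SIEM as a non-event that can be correlated with the ticket (or its absence) later.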

Prioritizing tickets over convenience aligns with compliance frameworks and prevents breaches. A 30-second delay averts multimillion-dollar risks.

Resources for Deeper Learning

  • NIST Guide on Social Engineering: https://www.cyber.gov.au/threats/types-threats/social-engineering
  • Unit 42 Report on Social Engineering Trends: https://unit42.paloaltonetworks.com/2025-unit-42-global-incident-response-report-social-engineering-edition/
  • ISO 27001 Audit Essentials: https://www.a-lign.com/articles/iso-27001-audit-essentials

🚀 Building resilient systems? Join my weekly AI & Engineering talks on secure workflows for SaaS. 👉 Book your spot: Calendly Security tips in our WhatsApp group. 👉 Join: EU.AI group

#CyberSecurity #InfoSec #ISO27001 #NIS2 #DORA #SocialEngineering #ITManagement
