Forget Phishing, Scammers Are Now Targeting Your Support Team

Last Updated:Wednesday, January 7, 2026

This week on Funnel Frontier: Binance flagged a new scam tactic. Instead of customers, scammers are going straight for your agents. Here’s how.

 

Funnel Frontier newsletter mascot

This week:

  • Zendesk and AWS just teamed up to fix your Frankenstack
  • Agentforce is printing revenue, and now sales too

Stat of the Week

The CRM market is projected to grow by 12% annually through 2028, with the market expected to reach $129 billion by then. (CRM.org)

 

Forget phishing, scammers are now targeting your support team

Scammers aren’t just preying on users anymore; they’re targeting your support team’s workflow.

Binance just exposed a scam attempt that flipped the usual script. Instead of impersonating the exchange to steal funds, the attacker posed as a victim trying to trick support into issuing a refund.

The case only became public after a Binance customer service rep broke it down in a post on X, walking through how the scam unraveled step by step.

But here’s the twist: the scammer used real messages from a real Binance exec. “The executive himself was completely unaware of the theft,” Binance posted. “The account was not compromised.”

🎭 The new scam playbook

This wasn’t a high-tech hack. It was a performance, and the support agent was the mark.

Here’s how it went down:

  • Scammer claimed they were duped by a Binance exec.
  • Sent doctored Telegram screenshots and wallet transfers.
  • Used real chat logs to bait support into a response.
  • Demanded verification and threatened public escalation.

It almost worked.

The agent flagged inconsistencies in the transfer history, questioned the screenshots, and found that the wallet address belonged to the user, not the supposed scammer. The whole thing was a setup.

🎯 Why support teams are in the crosshairs

Binance’s post said it loud and clear: “This time, we’ve decided to break our silence. The purpose of this public sharing is to raise awareness and prevent new types of scams.”

The attack vector wasn’t code. It was trust.

Customer service teams are now on the front lines of fraud. And when scammers walk in the door pretending to be victims? A “customer-first” mindset can become a liability if your team isn’t trained to smell BS.

💡 What this means for CX leaders

Fraud isn’t just a security problem. It’s a support one too.

Here’s how to stay sharp:

  • Train agents to spot social engineering, not just serve with empathy.
  • Give them access to internal systems so they don’t have to trust screenshots.
  • Make escalation easy when something doesn’t feel right.
  • Back them up when they push back.

And most importantly? Rethink what “customer centric” means in 2026. Because sometimes the customer is the attacker.

 

The Week @ CRM.org

The Best CRM Analytics Tools. Analytical CRM is your personal Hubble telescope for customers, zooming in on those customer details. 

Best Small Business CRMs. A tasting menu of secret sauce for SMBs.

🌸 Weekly Bloom 🌸 

The Power Paradox: How Empathy Becomes Tyranny. Started as Mr. Nice, ended as Emperor Palpatine. Avoid the pitfalls of powering up.

 

Asset visibility just went from IT checkbox to CX essential

What do connected medical devices, rogue employee laptops, and your chatbot’s cloud backend have in common? If they’re not visible to your security stack, they’re liabilities, especially in customer experience.

That’s why Cisco is reportedly eyeing a $2B acquisition of Axonius, the asset intelligence platform already hooked into 300+ security and IT tools. 

While Axonius denies the rumors, the strategic logic is loud and clear. In 2026, blind spots don’t just cause breaches. They break customer trust.

🧠 From endpoints to experience points

Axonius builds real-time inventories of every device, app, cloud asset, and user account on your network and maps them to the right controls. 

So when a CX agent accesses a support tool or a chatbot pings a backend API, you know what’s connecting, who owns it, and what data is at stake.

That visibility means:

  • No mystery devices leaking customer data
  • No “unknown unknowns” triggering compliance alerts
  • No support outages caused by forgotten cloud assets

And if Cisco does buy Axonius? It’d slot right into the vendor’s Splunk-fueled strategy: unifying network and security insights to keep digital services (read: your CX stack) safe and fast.

🔍 Why CX leaders should care

“Armis and Axonius each provide deep visibility into managed and unmanaged assets across IT, IoT, and OT environments,” said ZK Research’s Zeus Kerravala. “Enterprises increasingly lack control and insight.”

Translation: the more complex your CX stack, the more you’re exposed.

That new self-service portal? It might depend on five vendors, three clouds, and one intern’s BYOD laptop. Without automated visibility and enforcement, any one of them could be the weak link that lets attackers in, or tanks your NPS.

💡 What this means for your stack

If you’re serious about AI, automation, or customer trust, you better get serious about asset visibility.

Here’s the move:

  • Build a real-time inventory of everything connected to your CX workflows
  • Treat visibility as a business continuity tool, not just an IT function
  • Pick platforms that surface gaps before attackers do—and plug them automatically
  • If your CX isn’t built on secure infrastructure, it’s not built to last

Security isn’t a backend concern anymore. It’s a frontline CX strategy. And asset visibility is how you keep the lights on when every interaction, every device, and every AI assistant is live, logged in, and potentially a target.

 

Galactic Gourmet

CRM blips from around the web

Pinterest taps Anonym for privacy-safe ad performance insights. Pinterest is partnering with Anonym to help advertisers analyze campaign impact using tightly governed data—without sacrificing privacy. The partnership enables encrypted, privacy-preserving measurement of conversions and audience lift across Pinterest.

LiveRamp expands marketplace with data, models, and AI agents. LiveRamp’s Marketplace now offers governed access to AI-ready data, third-party models, and AI agents. Marketers can train models, license intelligence, and soon deploy AI apps—streamlining development of privacy-safe, data-rich marketing use cases.

Adstra and TMC bring identity resolution to Databricks Clean Rooms. Marketers can now match and enrich first-party data securely inside Databricks Clean Rooms. Adstra’s Conexa graph boosts reach, speed, and precision, without moving data or exposing sensitive customer information.

 

If you'd like weekly CRM news like this delivered to your inbox, subscribe to Funnel Frontier!