Unexpected Slack API calls indicating scraping activity

ID:slack_scraping_anomaly

Data type:Slack

Severity:

Low

Description

AlphaSOC detected an unexpected_scraping event in Slack, indicating the use of scraping tools. These tools can be used by threat actors to collect large amounts of data from Slack workspaces.

Impact

Unauthorized use of scraping tools in Slack can indicate a potential data exfiltration attempt. This may lead to the exposure of sensitive company information, confidential conversations, intellectual property, or customer data.

Severity

Severity	Condition
Low	Unexpected Slack API calls indicating scraping activity

Investigation and Remediation

Review Slack audit logs for unusual activity and verify whether the scraping activity was authorized. If unauthorized, remove the scraping tool, reset affected user credentials, and conduct a thorough security assessment of the environment.

Description​

Impact​

Severity​

Investigation and Remediation​

Description

Impact

Severity

Investigation and Remediation