Sophisticated Phishing Campaign Exploits Microsoft Entra Passkey Enrollment for Unauthorized Access
Threat actors are exploiting Microsoft Entra passkey enrollment processes through a sophisticated phishing kit, tricking users into registering malicious passkeys for unauthorized Microsoft 365 access. The attack involves real-time operator-controlled phishing pages and targets multiple industries, leveraging user unfamiliarity with passkey authentication.
A threat actor has been targeting organizations spanning multiple sectors with voice-based fake security requests that prompt Microsoft 365 users to enroll a new Entra passkey with an aim to carry out data extortion attacks.
The threat actor, tracked by Okta under the moniker O-UNC-066, has deployed a panel-controlled phishing kit that's capable of targeting the passkey enrollment process. The
*** END OF TRANSMISSION ***