Storyline

Okta warns of vishing attacks exploiting fake Microsoft Entra passkey enrollment

Okta has issued a warning about an active vishing campaign targeting Microsoft 365 users. Attackers impersonate IT staff via phone calls to trick victims into enrolling fraudulent Microsoft Entra passkeys.

Published 2026-07-10 10:30 UTCUpdated 2026-07-10 20:18 UTC
Current brief openSource links open
This current storyline is open here with summary, metadata, source links, continuity context, and full evidence. Paid is for compare-over-time, alerts, exports, and workflow.
No card needed for the free brief.
Evidence trail (top sources)
top sources (3 domains)domains are deduped. counts indicate coverage, not truth.
3 top sources shown
Okta warns of vishing scheme that extorts data
SC Media · News · scworld.com · 2026-07-10 20:18 UTC
Overview

Okta has issued a warning about an active vishing campaign targeting Microsoft 365 users. Attackers impersonate IT staff via phone calls to trick victims into enrolling fraudulent Microsoft Entra passkeys.

Score total
1.3
Momentum 24h
3
Posts
3
Origins
3
Source types
1
Duplicate ratio
0%
Why now
  • The campaign is active and targets widely used Microsoft 365 users.
  • Okta's recent warning highlights the urgency to address this emerging threat.
  • Use of panel-controlled phishing kits indicates increasing automation and sophistication in attacks.
Why it matters
  • Attackers bypass strong authentication by exploiting passkey enrollment processes.
  • Organizations across sectors risk account takeover and data extortion.
  • Awareness of this vishing tactic is critical for improving security posture and user training.
Continuity snapshot
  • Trend status: insufficient_history.
  • Continuity stage: broad_confirmed.
  • Current status: open.
  • 3 current source-linked posts are attached to this storyline.
All evidence
All evidence
Okta warns of vishing scheme that extorts data
SC Media · scworld.com · 2026-07-10 20:18 UTC
Okta Warns of Vishing Attacks Targeting Microsoft 365 Customers
SecurityWeek · securityweek.com · 2026-07-10 11:06 UTC
Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access
thehackernews · thehackernews.com · 2026-07-10 10:30 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 3Origin domains: 3Duplicates: -
Showing 3 / 0
Top publishers (this list)
  • SC Media (1)
  • SecurityWeek (1)
  • thehackernews (1)
Top origin domains (this list)
  • scworld.com (1)
  • securityweek.com (1)
  • thehackernews.com (1)