All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter
First reported by BleepingComputer
Entra passkey enrollment vishing targets Microsoft 365 users

Vishing campaign uses fake Microsoft Entra passkey enrollment to target M365 users

A threat actor tracked as O-UNC-066 (linked to the Pink extortion operation) is using vishing (voice phishing) and fake Microsoft Entra passkey enrollment requests to target Microsoft 365 users. The attackers call victims claiming they need to enroll a new passkey, then direct them to phishing sites mimicking legitimate Entra enrollment pages to steal credentials and MFA responses. Okta attributes the campaign to this group, which targets multiple industries and rapidly exfiltrates data from Microsoft services after account takeover.

BleepingComputer2h ago1 min readenNews
Read on hendryadrian.com

Key quotes

A threat actor is using vishing and fake Microsoft Entra passkey enrollment requests to trick Microsoft 365 users into handing over credentials and MFA responses.
Okta attributes the campaign to O-UNC-066, linked to the Pink extortion operation, which targets multiple industries and rapidly steals data from Microsoft services after account takeover.
The attacker calls users and claims they must enroll a new Microsoft Entra passkey.
Victims are sent to phishing sites that mimic the real Entra passkey enrollment

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.