Okta warns of vishing attacks targeting Microsoft 365 user credentials

Okta warns of a rise in voice phishing attacks where callers impersonate IT support to steal Microsoft 365 credentials and bypass multi-factor authentication.

CSBadmin
2 Min Read

Okta has issued an urgent warning about a surge in voice phishing—or vishing—attacks targeting Microsoft 365 customers, where attackers impersonate trusted IT support to steal login credentials and bypass multi-factor authentication.

The attacks involve phone calls where threat actors pose as help desk or security personnel, directing victims to phishing websites that closely mirror Microsoft Entra ID login pages. Once victims enter their credentials, attackers capture them in real time and immediately use them to access corporate accounts and data.

These social engineering campaigns are increasingly sophisticated, leveraging caller ID spoofing to make the calls appear to originate from legitimate organizational numbers. The attackers often reference recent security incidents or account issues to create urgency and pressure victims into complying without verification.

Okta recommends organizations educate users about vishing techniques, implement strict call-back verification procedures, and deploy phishing-resistant authentication methods such as FIDO2 security keys or passkeys. The company also advises using conditional access policies that require device compliance checks and location-based verification before granting access to sensitive resources.

The warning follows a broader industry trend of attackers shifting from email-based phishing to voice channels, as traditional email security filters have become more effective at blocking malicious links and attachments. Microsoft 365 administrators are urged to review sign-in logs for anomalous authentication patterns and enable additional verification prompts for high-risk sessions.

CSBadmin

The latest in cybersecurity news and updates.

Share This Article
Follow:
The latest in cybersecurity news and updates.