Okta, an identity and access management company, has issued a warning about a new wave of social engineering attacks targeting IT service desk agents at U.S.-based customers.
The attackers aim to trick agents into resetting multi-factor authentication (MFA) for high-privileged users, which would give them full administrative access to the victim’s Okta account.
Attack methodology
The attacks typically begin with an email from a compromised account, such as that of an executive or other high-profile individual, asking the IT service desk agent to reset the MFA for security or troubleshooting purposes.
If the agent falls for the ruse, they will be directed to a fake Okta website that looks authentic, and then prompted to enter their credentials.
Once the attackers obtain the agent’s credentials, they can log into the victim’s Okta account, disable MFA, and gain full administrative access.
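The sequence described above ends in an MFA reset on a privileged account, which is the event a defender can watch for. The following detection logic is an added example and is not code from the article or from Okta: it scans constructed, newline-delimited JSON records shaped like identity-provider audit events and flags any MFA reset whose target holds an administrative role, noting whether the reset was performed by someone other than the user (the help desk pattern in the reported campaign). The event type strings, field names, sample accounts and role table are assumptions made for illustration.

```python
"""Flag MFA factor resets on privileged identity-provider accounts.

Added example: the log records below are constructed; the event type
names and field layout are assumptions modelled on audit-log conventions,
not taken from the article.
"""
import json

# Event types that remove or reset a user's MFA enrolment (assumed names).
MFA_RESET_EVENTS = {
    "user.mfa.factor.reset_all",
    "user.mfa.factor.deactivate",
}

# Roles that make a reset worth an immediate call-back to the user (assumed).
PRIVILEGED_ROLES = {"SUPER_ADMIN", "ORG_ADMIN"}

# Constructed sample log lines, one JSON object per line.
SAMPLE_LOG = """
{"published": "2023-09-01T14:02:11Z", "eventType": "user.session.start", "actor": {"alternateId": "helpdesk@example.com"}, "target": [{"type": "User", "alternateId": "alice@example.com"}]}
{"published": "2023-09-01T14:05:40Z", "eventType": "user.mfa.factor.reset_all", "actor": {"alternateId": "helpdesk@example.com"}, "target": [{"type": "User", "alternateId": "ceo@example.com"}]}
{"published": "2023-09-01T14:06:02Z", "eventType": "user.mfa.factor.reset_all", "actor": {"alternateId": "helpdesk@example.com"}, "target": [{"type": "User", "alternateId": "bob@example.com"}]}
{"published": "2023-09-01T14:09:30Z", "eventType": "user.mfa.factor.deactivate", "actor": {"alternateId": "ceo@example.com"}, "target": [{"type": "User", "alternateId": "ceo@example.com"}]}
"""

# Constructed directory of admin role assignments; in practice this would
# be pulled from the identity provider's role API.
ADMIN_ROLES = {
    "ceo@example.com": {"SUPER_ADMIN"},
    "alice@example.com": {"ORG_ADMIN"},
}


def parse_events(log_text):
    """Parse newline-delimited JSON into event dicts, skipping blank or malformed lines."""
    events = []
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            events.append(json.loads(line))
        except json.JSONDecodeError:
            continue  # a bad line should not abort the whole scan
    return events


def find_privileged_mfa_resets(events, admin_roles=ADMIN_ROLES):
    """Return one alert per MFA reset whose target holds a privileged role.

    Each alert records who performed the reset, on whom, which privileged
    roles the target holds, and whether the actor differs from the target
    (a third-party reset, e.g. by a service desk agent).
    """
    alerts = []
    for ev in events:
        if ev.get("eventType") not in MFA_RESET_EVENTS:
            continue
        actor = ev.get("actor", {}).get("alternateId", "")
        for tgt in ev.get("target", []):
            if tgt.get("type") != "User":
                continue
            user = tgt.get("alternateId", "")
            privileged = admin_roles.get(user, set()) & PRIVILEGED_ROLES
            if not privileged:
                continue
            alerts.append({
                "time": ev.get("published"),
                "event": ev["eventType"],
                "actor": actor,
                "target": user,
                "roles": sorted(privileged),
                "by_third_party": actor != user,
            })
    return alerts


if __name__ == "__main__":
    for alert in find_privileged_mfa_resets(parse_events(SAMPLE_LOG)):
        print(alert)
```

Run against the sample, the scan reports two alerts, both on the SUPER_ADMIN account: a third-party reset by the help desk and a later self-service deactivation. The reset on the non-privileged user is ignored, which keeps the alert volume focused on the accounts whose takeover would yield administrative access; a real deployment would feed the `by_third_party` alerts into a mandatory out-of-band verification step with the affected user.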
How do you protect yourself?
To protect yourself from these attacks, it’s essential to be vigilant and skeptical of unsolicited requests. Never enter your credentials on a website you don’t trust, and always verify the URL matches the real Okta website.
Keep your MFA software up to date, and train your IT service desk agents to spot and report phishing attacks. Additionally, use strong passwords, enable MFA for all accounts, keep your software up to date, and exercise caution when sharing personal information online.
Be wary of unsolicited emails or phone calls, and report any suspicious activity immediately.
By following these tips, you can help protect yourself from Okta hackers and other cyber threats.
Remember, even the most secure IAM systems can be vulnerable to social engineering attacks. Stay informed and take proactive measures to safeguard your accounts and personal information.
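The advice above to "verify the URL matches the real Okta website" is easy to get wrong if the check is a substring match, because a lookalike host can contain the genuine name. The following is an added example, not code from the article or from Okta: it contrasts a naive substring check with one that parses the URL, extracts the hostname and compares it against an allow-list. The trusted tenant hostnames are assumed values.

```python
"""Decide whether a login URL belongs to the organisation's own identity tenant.

Added example; the trusted hostnames below are assumptions, not values
from the article.
"""
from urllib.parse import urlsplit

# Hostnames the organisation actually logs in through (assumed values).
TRUSTED_LOGIN_HOSTS = {"example.okta.com", "example-admin.okta.com"}


def naive_check(url, needle="example.okta.com"):
    """Weak check: accepts any URL that merely contains the tenant name."""
    return needle in url


def is_trusted_login_url(url, trusted_hosts=TRUSTED_LOGIN_HOSTS):
    """Strict check: HTTPS only, and the parsed hostname must exactly match
    one of the trusted hosts.

    urlsplit().hostname discards any userinfo before '@', the port, and
    IPv6 brackets, and lowercases the result, so tricks such as
    'https://example.okta.com@evil.example/' resolve to 'evil.example'.
    """
    try:
        parts = urlsplit(url)
    except ValueError:
        return False  # unparseable input is never trusted
    if parts.scheme.lower() != "https":
        return False
    host = parts.hostname
    if not host:
        return False
    return host in trusted_hosts


if __name__ == "__main__":
    for candidate in (
        "https://example.okta.com/login",
        "https://example.okta.com.evil.example/login",   # suffix lookalike
        "https://example.okta.com@evil.example/login",   # userinfo trick
        "https://example-okta.com/login",                # hyphen lookalike
    ):
        print(candidate, naive_check(candidate), is_trusted_login_url(candidate))
```

The point of the contrast is that the naive check accepts three of the four constructed lookalikes while the strict check rejects all of them; the same exact-hostname rule is what a browser password manager or phishing-resistant authenticator applies when it refuses to fill credentials on an unfamiliar origin.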