Introduction to Custom Phishing Kits
Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks. The kits are being used in active campaigns to steal Okta SSO credentials, and the stolen access is then used for data theft. Unlike typical static phishing pages, these adversary-in-the-middle (AitM) platforms are built for live interaction: an operator is on the phone with the victim while the lookalike page relays what the victim types to the real sign-in flow.
Comparison with Traditional Phishing Attacks
Unlike traditional one-off phishing attacks, these kits are sold under an "as a service" model and are actively used by multiple hacking groups. Targets include identity providers, among them Okta, Google, and Microsoft, as well as cryptocurrency platforms. The targeting of Google and Microsoft accounts mirrors tactics already seen from other groups.
How Custom Phishing Kits Work
These kits are built to defeat modern push-based MFA, including number matching. When the victim enters a password on the phishing page, the kit relays it to the legitimate sign-in flow, which triggers a real push prompt on the victim's device. The kit's C2 then causes the phishing page to display the matching number, and the operator on the call tells the victim which number to select. The victim therefore approves a genuine authentication that the attacker initiated and now controls. This live coordination of the phone call with the browser session is what sets these kits apart from ordinary phishing kits, which cannot make a victim approve a prompt that arrives at an unexpected moment.
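The relay described above, modelled as a toy protocol exchange. This is an added example written for this page; it is not code from Okta, from any real phishing kit, or from the article's source, and every class, function, user, password, and origin name in it is invented. The first half shows why number matching does not stop a live AitM relay: the number on the phishing page is the real number, because the attacker started the real login. The second half goes beyond the page's specific case to show, with a stand-in HMAC in place of a real public-key signature, why an origin-bound assertion (the WebAuthn design) fails in the same relay.

```python
"""Toy model of a vishing kit relaying a number-matching push challenge.
Constructed for illustration only. ToyIdP, PhishingKit, ToyWebAuthnIdP and all
names below are invented; 'alice' / 'correct horse' are made-up test credentials."""

import hashlib
import hmac
import secrets


class ToyIdP:
    """Minimal identity provider: password check, then a number-matching push."""

    def __init__(self):
        self.users = {"alice": "correct horse"}   # constructed test account
        self.pending = {}                          # challenge id -> state
        self.sessions = set()

    def start_login(self, user, password):
        if self.users.get(user) != password:
            return None
        cid = secrets.token_hex(8)
        number = secrets.randbelow(100)            # number the real sign-in page shows
        self.pending[cid] = {"user": user, "number": number, "approved": False}
        return cid, number

    def device_approve(self, cid, number_tapped):
        """Called by the authenticator app on the victim's phone."""
        state = self.pending[cid]
        if number_tapped == state["number"]:
            state["approved"] = True
        return state["approved"]

    def finish_login(self, cid):
        state = self.pending.pop(cid)
        if not state["approved"]:
            return None
        token = secrets.token_hex(16)
        self.sessions.add(token)
        return token


class PhishingKit:
    """AitM proxy: forwards the victim's password to the real IdP in real time and
    copies the real challenge number onto the lookalike page."""

    def __init__(self, real_idp):
        self.idp = real_idp
        self.cid = None
        self.number_on_phish_page = None

    def victim_submits_password(self, user, password):
        result = self.idp.start_login(user, password)   # attacker-initiated real login
        if result is None:
            return False
        self.cid, self.number_on_phish_page = result
        return True

    def operator_script(self):
        """What the caller reads to the victim over the phone."""
        return f"Tap {self.number_on_phish_page} in your authenticator app."

    def harvest_session(self):
        return self.idp.finish_login(self.cid)


def run_vishing_relay():
    """Returns True if the attacker ends up holding a valid session."""
    idp = ToyIdP()
    kit = PhishingKit(idp)
    if not kit.victim_submits_password("alice", "correct horse"):
        return False
    # The phone shows a real prompt; the caller tells the victim which number to tap.
    idp.device_approve(kit.cid, kit.number_on_phish_page)
    token = kit.harvest_session()
    return token is not None and token in idp.sessions


class ToyWebAuthnIdP:
    """Origin-bound authenticator. The browser signs (challenge, origin it is really
    on); the IdP accepts only its own origin. HMAC stands in for a public-key signature."""
    RP_ORIGIN = "https://sso.example.com"           # invented legitimate origin

    def __init__(self):
        self.keys = {"alice": secrets.token_bytes(32)}

    def challenge(self):
        return secrets.token_hex(16)

    def verify(self, user, challenge, origin, sig):
        expected = authenticator_sign(self.keys[user], challenge, origin)
        return origin == self.RP_ORIGIN and hmac.compare_digest(expected, sig)


def authenticator_sign(key, challenge, origin):
    """The browser supplies the origin; the user (and the caller) cannot override it."""
    return hmac.new(key, f"{challenge}|{origin}".encode(), hashlib.sha256).digest()


def run_webauthn_relay():
    """Returns (relayed as-is accepted?, origin rewritten accepted?)."""
    idp = ToyWebAuthnIdP()
    ch = idp.challenge()
    phish_origin = "https://sso-example-login.com"   # invented phishing origin
    sig = authenticator_sign(idp.keys["alice"], ch, phish_origin)
    as_is = idp.verify("alice", ch, phish_origin, sig)        # wrong origin
    rewritten = idp.verify("alice", ch, idp.RP_ORIGIN, sig)   # signature no longer matches
    return as_is, rewritten


if __name__ == "__main__":
    print("number-match relay succeeded:", run_vishing_relay())
    print("origin-bound relay succeeded:", run_webauthn_relay())
```

The point of the contrast is that number matching only confirms the victim is looking at the same screen the attacker is looking at; it does not prove who started the login. An origin-bound assertion fails either way the attacker forwards it, because the signed data names the site the victim's browser was actually on.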
Conclusion
Custom vishing kits are an active threat to Okta SSO credentials, and the sessions they capture are being used for data theft. The danger lies in the victim approving a prompt that is, in fact, genuine: the attacker started the real login and the operator on the call supplies the matching number. Because push approvals and number matching are relayed rather than broken, they should not be treated as phishing-resistant on their own; authenticators that bind the assertion to the site origin, such as FIDO2/WebAuthn, remove this relay path.