Toggle light / dark theme

Entra passkey enrollment vishing targets Microsoft 365 users

A threat actor has been targeting organizations across multiple sectors with voice-based fake security requests that ask Microsoft 365 users to enroll a new Entra passkey.

The attacker is taking advantage of a new capability Microsoft opened to administrators in May, allowing them to run “passkey registration campaigns” to entice users to enrol passkeys for more secure authentication.

The campaign has been running since April and involves calling targeted users and trying to convince them to register a new passkey under the attacker’s control.

Leave a Comment

Lifeboat Foundation respects your privacy! Your email address will not be published.

/* */