Entra passkey enrollment vishing targets Microsoft 365 users

Summary

A threat actor is targeting Microsoft 365 users with a vishing campaign that impersonates security teams to trick users into enrolling a new Entra passkey. The attack aims to compromise user accounts through social engineering tactics that exploit the trust in security-related communications.

IFF Assessment

FOE

This article describes a new social engineering tactic targeting users with a phishing attack, which is detrimental to defenders.

Defender Context

This attack highlights the ongoing threat of sophisticated social engineering, particularly vishing, even as organizations adopt stronger authentication methods like passkeys. Defenders should educate users about the risks of unsolicited security prompts and emphasize verifying requests through official channels.

Read Full Story →