Entra passkey enrollment vishing targets Microsoft 365 users
Summary
A threat actor is targeting Microsoft 365 users with a vishing campaign that impersonates security teams to trick users into enrolling a new Entra passkey. The attack aims to compromise user accounts through social engineering tactics that exploit the trust in security-related communications.
IFF Assessment
FOE
This article describes a new social engineering tactic targeting users with a phishing attack, which is detrimental to defenders.
Defender Context
This attack highlights the ongoing threat of sophisticated social engineering, particularly vishing, even as organizations adopt stronger authentication methods like passkeys. Defenders should educate users about the risks of unsolicited security prompts and emphasize verifying requests through official channels.