{"id":392,"date":"2026-02-01T15:52:01","date_gmt":"2026-02-01T20:52:01","guid":{"rendered":"https:\/\/maxalbanese.com\/news\/?p=392"},"modified":"2026-02-02T18:29:36","modified_gmt":"2026-02-02T23:29:36","slug":"a-new-wave-of-vishing-attacks-is-breaking-into-sso-accounts-in-real-time","status":"publish","type":"post","link":"https:\/\/maxalbanese.com\/news\/social-engineering\/a-new-wave-of-vishing-attacks-is-breaking-into-sso-accounts-in-real-time\/","title":{"rendered":"A new wave of \u2018vishing\u2019 attacks is breaking into SSO accounts in real time"},"content":{"rendered":"\n

A new wave of real-time voice-phishing (vishing) attacks<\/strong> is targeting enterprise identity systems \u2014 particularly single sign-on (SSO) platforms like Okta, Microsoft and Google login portals<\/strong> \u2014 to steal credentials and bypass multi-factor authentication (MFA). Criminals are using sophisticated phishing kits that allow attackers to call targeted employees, control what appears in their browser, and sync spoken prompts with authentication challenges<\/strong> in real time, increasing the probability that victims will unwittingly approve MFA prompts or enter codes. <\/p>\n\n\n\n

These campaigns have been linked to cybercrime actors using the \u201cShinyHunters\u201d name<\/strong>, who have claimed responsibility and even posted samples of stolen data online, though formal attribution remains under investigation. Researchers at Mandiant and Okta Threat Intelligence characterize the activity as active and ongoing<\/em> with malicious domains set up to mimic legitimate SSO pages and extortion attempts already reported by some victims. The attacks underscore the limits of traditional MFA against advanced social engineering and reinforce the need for phishing-resistant defenses<\/strong> and heightened employee awareness.<\/p>\n\n\n\n

\n
Read the full story<\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

A new wave of real-time voice-phishing (vishing) attacks is targeting enterprise identity systems \u2014 particularly single sign-on (SSO) platforms like Okta, Microsoft and Google login portals \u2014 to steal credentials…<\/p>\n","protected":false},"author":1,"featured_media":393,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[41],"tags":[38,40,37,39],"class_list":["post-392","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-social-engineering","tag-mfa","tag-social-engineering","tag-sso","tag-vishing"],"_links":{"self":[{"href":"https:\/\/maxalbanese.com\/news\/wp-json\/wp\/v2\/posts\/392","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/maxalbanese.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/maxalbanese.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/maxalbanese.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/maxalbanese.com\/news\/wp-json\/wp\/v2\/comments?post=392"}],"version-history":[{"count":1,"href":"https:\/\/maxalbanese.com\/news\/wp-json\/wp\/v2\/posts\/392\/revisions"}],"predecessor-version":[{"id":394,"href":"https:\/\/maxalbanese.com\/news\/wp-json\/wp\/v2\/posts\/392\/revisions\/394"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/maxalbanese.com\/news\/wp-json\/wp\/v2\/media\/393"}],"wp:attachment":[{"href":"https:\/\/maxalbanese.com\/news\/wp-json\/wp\/v2\/media?parent=392"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/maxalbanese.com\/news\/wp-json\/wp\/v2\/categories?post=392"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/maxalbanese.com\/news\/wp-json\/wp\/v2\/tags?post=392"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}