Single Sign-On Smishing
Smishing Image

Single Sign-On Smishing

Okta’s single sign-on (SSO) service allows users to log in to multiple accounts by using one set of login credentials. Unfortunately, users aren’t the only people who benefit from this service. Cybercriminals are taking advantage of Okta and other SSO services in a recent smishing (SMS phishing) scam.

To start this scam, cybercriminals send you a text message about an important update to one of your organization’s policies. The text message says to tap a link to read the updated policy. If you tap the link, you’ll be taken to a fake Okta login page and prompted to enter your login credentials. Then, the cybercriminals can use your credentials to access your Okta account and other accounts linked through the service. Once they have access, the cybercriminals can steal sensitive information from you and your organization.

Follow the tips below to stay safe from similar scams:

  • Always be cautious of unexpected text messages. While this scam targets Okta users, it could be used with any authentication service.
  • Think before you click! Cyberattacks are designed to catch you off guard and make you act impulsively.

Never tap on a link in a text message that you aren’t expecting. Instead, open your internet browser and navigate to the organization’s official website.


Knowbe4 Logo

Stop, Look, and Think. Don’t be fooled.

Protect your network! Learn more about security awareness training for your team.

Like this article?

Share on Facebook
Share on Twitter
Share on Linkdin
Share on Pinterest

More Posts

Incognito Mode Image
Cybersecurity

3 Myths About Incognito Mode

In today’s digital age, protecting our online privacy has become increasingly important. Many users turn to incognito mode, also known as private browsing, believing it

Hacker Fire Image
Cybersecurity

Insights from 3.5 Billion Cyber Attacks

90% involve social engineering (see below)   In the realm of cybersecurity, the ability to predict and prepare for attacks is invaluable. Much like how

Deepfake Image
Cybersecurity

Deepfake Voice Phishing

How It WorksDeepfake technology uses artificial intelligence to mimic voices with astonishing accuracy. Scammers obtain samples of the target’s voice, often from social media or

SuperPod with WiFi 6E

Plume SuperPod WiFi 6E Specs

SuperPod with WiFi 6

Plume SuperPod WiFi 6 Specs

SuperPod

Plume SuperPod Secs