Okta Warns of Custom Phishing Kits Targeting SSO Credentials via Vishing Attacks

Okta has issued a warning about the existence of custom phishing kits specifically designed for social engineering attacks conducted over the phone (vishing). These kits are currently being used in active attacks aimed at stealing Okta single sign-on (SSO) credentials to exfiltrate data. Attackers are leveraging these vishing techniques to bypass traditional security mechanisms and gain access to users' single sign-on accounts.