A huge phishing campaign has targeted over 130 companies, including Twilio and Signal

The 0ktapus phishing campaign is one of the best-executed security attacks of this scale to date. | Illustration by Alex Castro / The Verge Over 130 organizations, including Twilio, DoorDash, and Signal, have been potentially compromised by hackers as part of a months-long phishing campaign nicknamed “0ktapus” by security researchers. Login credentials belonging to nearly 10,000 individuals were stolen by attackers who imitated the popular single sign-on service Okta, according to a report from cybersecurity outfit Group-IB. Targets were sent text messages that redirected them to a phishing site. As the report from Group-IB states, “From the victim’s point of view, the phishing site looks quite convincing as it is very similar to the authentication page they are used to seeing.” Victims were asked for their username, password, and a two-factor authentication code. This… Continue reading… from The Verge – All Posts https://ift.tt/DwT9ZKC via Grabey Blog
http://dlvr.it/SXHjMC