Have you ever approved a login prompt without thinking twice? That could be all an attacker needs.

Cyber security and staying vigilant against phishing attacks is now more important than ever. A recent case involving the ‘PoisonSeed’ threat group highlights how attackers are becoming increasingly sophisticated, bypassing even advanced security measures.

In this case, attackers targeted users who were protected by multi-factor authentication (MFA) – a strong, phishing-resistant standard like what we use at Flinders. Instead of breaking through the MFA itself, attackers exploited a feature called ‘cross-device authentication’ where login approvals can happen on a different device than the one initiating the login. This trick allowed them to bypass usual protections.

 

Awareness and caution are key:

• Flinders’ legitimate Okta address is flinders.okta.com

• Always verify unexpected login prompts, especially if you weren’t actively trying to sign in

• Be wary of emails or messages urging you to act quickly or to click unfamiliar links

• If something feels off, report it to IDS

 

Read more details on the PoisonSeed phishing campaign in the article here.