Okta Phishing Scam: UNC Hackers Create Fake Company Pages for Corporate Breach

Vaibhav April 10, 2026
Okta-Phishing-Scam-UNC-Hackers-Create-Fake-Company-Pages-for-Corporate-Breach
Post Views: 8

Corporate Data Theft Campaign Uncovered

A sophisticated hacking group called UNC6783 has been exploiting partnerships to gain access to sensitive corporate data.

The Tactics Employed

  • UNC6783 creates fake Okta login pages and uses social engineering tactics to infiltrate high-value organizations.

  • They target business process outsourcers (BPOs) and compromise the security of numerous large corporations.

  • The hackers use a unique phishing kit designed to evade traditional security measures.

  • Initial contact is made through a live chat window posing as helpful support staff to extract information from employees.

  • Once compromised, the victims are directed to a counterfeit Okta login page that appears legitimate due to its domain name in the format “zendesk-support<##>com”.

  • The hackers exploit the compromised computer clipboard to steal sensitive data and enroll their own devices on the company’s security list, granting persistent access to the network.

The Risks Involved

According to industry experts, “If left unchecked, these types of partnerships can serve as a vulnerability that attackers can exploit, emphasizing the importance of securing the entire ecosystem rather than solely focusing on individual enterprises.”

Prevention Measures

  • Implementing robust security measures such as physical security keys (FIDO2 standard) to replace traditional two-factor authentication methods.

  • Regularly monitoring live chat logs and blocking suspicious web links resembling the Zendesk pattern.

  • Reviewing the list of authorized devices allowed to log in to prevent unauthorized access.

  • Maintaining vigilance and implementing comprehensive security protocols to mitigate the risks associated with these types of attacks.

Conclusion

The UNC6783 group’s tactics highlight the importance of adopting robust security measures to protect against sophisticated threats. Organizations must remain vigilant and implement comprehensive security protocols to mitigate the risks associated with these types of attacks, ensuring the integrity of their sensitive data.



About Author

Vaibhav

See author's posts

More Stories

New-macOS-Malware-NotnullOSX-Targets-High-Value-Crypto-Wallets

New macOS Malware NotnullOSX Targets High-Value Crypto Wallets

Vaibhav April 9, 2026
North-Korea-Hacking-News-Developer-Platforms-Targeted-for-Espionage-and-Cyber-Attacks

North Korea Hacking News: Developer Platforms Targeted for Espionage and Cyber Attacks

Vaibhav April 8, 2026
New-Node-js-Malware-Spreads-Through-Tor-Network-to-Steal-Cryptocurrency

New Node.js Malware Spreads Through Tor Network to Steal Cryptocurrency

Vaibhav April 8, 2026

Latest Cyber Security News

FleetWave-Experiences-Major-Outage-Following-Cybersecurity-Breach

FleetWave Experiences Major Outage Following Cybersecurity Breach

Vaibhav April 10, 2026
AWS-Introduces-Agent-Registry-for-Enhanced-Control-over-AI-Agents

AWS Introduces Agent Registry for Enhanced Control over AI Agents

Vaibhav April 10, 2026
Bitcoin-Depot-Experiences-Significant-Loss-Following-System-Breach

Bitcoin Depot Experiences Significant Loss Following System Breach

Vaibhav April 10, 2026
Adobe-Reader-Zero-Day-Exploit-Used-in-Months-Long-Cyber-Attack-Campaign

Adobe Reader Zero-Day Exploit Used in Months-Long Cyber Attack Campaign

Vaibhav April 10, 2026
Operation-CyHawk-4-0-Investigation-Uncovers-Additional-Suspects-in-Delhi-Scam

Operation CyHawk 4.0 Investigation Uncovers Additional Suspects in Delhi Scam

Vaibhav April 10, 2026
en_USEnglish
en_USEnglish