More than 130 companies have recently been targeted in a series of similar account takeover attacks through social engineering. Our strong authentication, as part of our larger Zero Trust strategy, caused the threat actor to fail.
Cloudflare’s security team received reports of (1) employees receiving legitimate-looking text messages pointing to what appeared to be (2) Cloudflare’s Okta login page. While the threat actor attempted to log in with compromised credentials (3-4), they could not get past the security key requirement that Cloudflare Zero Trust activated.
While security keys are not a silver bullet against all attacks, they strengthen the barrier and work in conjunction with additional Zero Trust security measures such as DNS filtering, browser isolation, cloud email security, and more.