Advanced Security Isn't Stopping Old Phishing Tactics TechTarget and Informa Tech’s Digital Business Combine.TechTarget and InformaTechTarget and Informa Tech’s Digital Business Combine.Together, we power an unparalleled network of 220+ online properties covering 10,000+ granular topics, serving an audience of 50+ million professionals with original, objective content from trusted sources. We help you gain critical insights and make more informed decisions across your business priorities.Dark Reading Resource LibraryBlack Hat NewsOmdia CybersecurityAdvertiseNewsletter Sign-UpNewsletter Sign-UpCybersecurity TopicsRelated TopicsApplication SecurityCybersecurity CareersCloud SecurityCyber RiskCyberattacks & Data BreachesCybersecurity AnalyticsCybersecurity OperationsData PrivacyEndpoint SecurityICS/OT SecurityIdentity & Access Mgmt SecurityInsider ThreatsIoTMobile SecurityPerimeterPhysical SecurityRemote WorkforceThreat IntelligenceVulnerabilities & ThreatsRecent in Cybersecurity TopicsVulnerabilities & ThreatsCritical Flaw in Oracle Identity Manager Under ExploitationCritical Flaw in Oracle Identity Manager Under ExploitationbyRob WrightNov 24, 20252 Min ReadApplication SecurityInfamous Shai-hulud Worm Resurfaces From the DepthsInfamous Shai-hulud Worm Resurfaces From the DepthsbyAlexander CulafiNov 24, 20254 Min ReadWorld Related TopicsDR GlobalMiddle East & AfricaAsia PacificRecent in World See AllApplication SecurityLINE Messaging Bugs Open Asian Users to Cyber EspionageLINE Messaging Bugs Open Asian Users to Cyber EspionagebyTara SealsNov 21, 20257 Min ReadEndpoint SecurityChina's 'PlushDaemon' Hackers Infect Routers to Hijack Software UpdatesChina's 'PlushDaemon' Hackers Infect Routers to Hijack Software UpdatesbyNate Nelson, Contributing WriterNov 20, 20253 Min ReadThe EdgeDR TechnologyEventsRelated TopicsUpcoming EventsPodcastsWebinarsSEE ALLResourcesRelated TopicsResource LibraryNewslettersPodcastsReportsVideosWebinarsWhite Papers Partner PerspectivesDark Reading Resource LibraryCyberattacks & Data BreachesThreat IntelligenceVulnerabilities & ThreatsCyber RiskNewsAdvanced Security Isn't Stopping Ancient Phishing TacticsNew research reveals that sophisticated phishing attacks consistently bypass traditional enterprise security measures.Kristina Beek, Associate Editor, Dark ReadingNovember 25, 20253 Min ReadSource: Hoxton via Alamy Stock PhotoPhishing is nothing new when it comes to cybersecurity threats, constantly putting users and organizations at risk of compromising sensitive information. But a new study has uncovered alarming insights about the persistent nature of phishing attacks against enterprises in particular, revealing how even some of the most mature companies with the most advanced security systems continue to remain vulnerable — and why phishing attacks aren't going away anytime soon.The research, which will be showcased at Black Hat Europe in early December, used failed phishing-resistant authentication attempts as high-fidelity signals to catch malicious activity. Over a 26-month period, the researchers at Okta used FastPass authentication logs to examine authentication attempts across multiple customer organizations using three key approaches: expert security analyst review, grounded large language model (LLM) classification, and customer validation.The findings revealed that many existing enterprise security layers such as email gateways, endpoint protection, and human training programs aren’t up to par by themselves."This number [of organizations affected by phishing] each month never went to zero," says Fei Liu, principal emerging technology researcher, Okta, indicating that malicious phishing represents a constant operational risk for enterprises rather than sporadic incidents.Related:With Friends Like These: China Spies on Russian IT OrgsAdditional insights from the research found that American organizations were the most frequently targeted, and Office 365 was the most targeted application for enterprise single sign-on (SSO) deception.Why Does Phishing Continue to Plague Us?Despite widespread awareness, constant trainings, and security safeguards, phishing remains such a persistent threat largely because of its accessibility as an attack vector, according to Liu. Evil proxy services can easily be purchased off of black markets, allowing even those with limited technical expertise to successfully utilize sophisticated phishing capabilities.Another critical contributor to the ongoing success of phishing attacks is the limited adoption of phishing-resistant authentication, with the research showing that only 40% of Okta users utilize this kind of authentication at least once per month, meaning a majority of organizations are left vulnerable to these kinds of attacks.And when organizations do manage to successfully block attacks, many of them remain unaware of the attempts to begin with. According to the research, five out of seven validated evil proxy incidents went unnoticed by organizational administrators until systems provided a notification.Related:Vision Language Models Keep an Eye on Physical SecurityHowever, the research did reveal an unexpected positive outcome: successful cross-organization security collaboration. Liu noted that historically, sharing security information has been challenging due to the nature of security incidents and the sensitive information involved, but the study’s customer validation approach showed them that not only is it possible, it can often be highly welcomed by organizations.Undoubtedly, phishing will continue to remain an ongoing threat, so organizations should continue to focus on sharing information, having a response playbook for these threats, and implementing layers of phishing-resistant safeguards."The tactics from the attackers' side keep improving," said Liu. "Phishing is kind of straightforward [and] it's still one of the most effective ways to get into your front door. You don’t need innovation. Every organization looks similar."Read more about:Black Hat NewsAbout the AuthorKristina BeekAssociate Editor, Dark ReadingSkilled writer and editor covering cybersecurity for Dark Reading.See more from Kristina BeekMore InsightsIndustry Reports2025 State of Threat Intelligence: What it means for your cybersecurity strategyGartner Innovation Insight: AI SOC AgentsState of AI and Automation in Threat IntelligenceGuide to Network Analysis Visibility SolutionsOrganizations Require a New Approach to Handle Investigation and Response in the CloudAccess More ResearchWebinarsIdentity Security in the Agentic AI EraHow AI & Autonomous Patching Eliminate Exposure RisksSecuring the Hybrid Workforce: Challenges and SolutionsCybersecurity Outlook 2026Threat Hunting Tools & Techniques for Staying Ahead of Cyber AdversariesMore WebinarsYou May Also LikeBlack Hat Middle East & AfricaCybersecurity OperationsDo National Data Laws Carry Cyber-Risks for Large Orgs?Do National Data Laws Carry Cyber-Risks for Large Orgs?byNate Nelson, Contributing WriterNov 19, 20254 Min ReadKeep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.SubscribeWebinarsIdentity Security in the Agentic AI EraTues, Dec 9, 2025 at 1pm ESTHow AI & Autonomous Patching Eliminate Exposure RisksOn-DemandSecuring the Hybrid Workforce: Challenges and SolutionsTues, Nov 4, 2025 at 1pm ESTCybersecurity Outlook 2026Virtual Event | December 3rd, 2025 | 11:00am - 5:20pm ET | Doors Open at 10:30am ETThreat Hunting Tools & Techniques for Staying Ahead of Cyber AdversariesTuesday, Oct 21, 2025 at 1pm ESTMore WebinarsWhite PapersMissing 88% of Exploits: Rethinking KEV in the AI EraThe Straightforward Buyer's Guide to EDRThe True Cost of a Cyberattack - 2025 EditionHow to be a Better Threat HunterFrom the C-Suite to the SOC: Consolidating the Network Security SolutionsExplore More White PapersDiscover MoreBlack HatOmdiaWorking With UsAbout UsAdvertiseReprintsJoin UsNewsletter Sign-UpFollow UsCopyright © 2025 TechTarget, Inc. d/b/a Informa TechTarget. This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world’s technology buyers and sellers. All copyright resides with them. Informa PLC’s registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.’s registered office is 275 Grove St. Newton, MA 02466.Home|Cookie Policy|Privacy|Terms of Use

Advanced security measures are proving insufficient against persistent phishing tactics, according to a recent study conducted by Okta. The research, to be showcased at Black Hat Europe in early December, reveals a consistent and concerning trend: organizations, regardless of their sophistication and existing security layers, remain vulnerable to phishing attacks due to the continued accessibility and effectiveness of these techniques. The study utilized failed phishing-resistant authentication attempts to identify malicious activity, analyzing over 26 months of FastPass authentication logs across multiple customer organizations. Key findings highlight the ongoing success of phishing attacks primarily driven by readily available malicious proxy services, coupled with the low adoption rate of phishing-resistant authentication among organizations, with only 40% utilizing it monthly.

Furthermore, the research indicated that American organizations were the most frequently targeted, and Office 365 was a prominent target for enterprise single sign-on (SSO) deception. A significant portion of successful phishing attempts went unnoticed by organizational administrators until systems issued a notification—approximately five out of seven validated incidents remained undetected for extended periods. Despite this persistent threat, the study uncovered a positive development: the implementation of a customer validation approach fostered collaboration among organizations, a historically challenging area within cybersecurity.

The research emphasizes that attackers continually refine their methods, with phishing remaining a remarkably simple and effective entry point into enterprise networks. The core issue isn't a technical gap in defenses but rather a fundamental mismatch between the evolving sophistication of attacks and the current adoption rates of robust, preventative measures. Organizations must prioritize the sharing of threat intelligence, maintain a well-defined response playbook, and diligently implement multi-layered security safeguards to mitigate risk. The study ultimately underscores the need for a proactive, adaptive security posture where organizations recognize and address the ongoing challenge posed by persistent phishing attacks.