Identity and access management company Okta released a warning about social engineering attacks targeting IT service desk agents at U.S.-based customers in an attempt to trick them into resetting multi-factor authentication (MFA) for high-privileged users. To protect admin accounts from external actors, Okta recommends enforcing phishing-resistant authentication using Okta FastPass and FIDO2 WebAuthn.