August 12, 2022

Cloudflare: The mechanics of a sophisticated phishing scam and how we stopped it

Yesterday, August 8, 2022, Twilio shared that they’d been compromised by a targeted phishing attack. Around the same time as Twilio was attacked, we saw an attack with very similar characteristics also targeting Cloudflare’s employees. While individual employees did fall for the phishing messages, we were able to thwart the attack through our own use of Cloudflare One products, and physical security keys issued to every employee that are required to access all our applications.

We have confirmed that no Cloudflare systems were compromised. Our Cloudforce One threat intelligence team was able to perform additional analysis to further dissect the mechanism of the attack and gather critical evidence to assist in tracking down the attacker.

This was a sophisticated attack targeting employees and systems in such a way that we believe most organizations would be likely to be breached. Given that the attacker is targeting multiple organizations, we wanted to share here a rundown of exactly what we saw in order to help other companies recognize and mitigate this attack.

MORE FIDO in the News


CISO Series: Cyber Security Headlines: Bypassing patches, ChatGPT polymorphic malware, Bitwarden goes passwordless

Bitwarden acquires Passwordless.dev – This marks the first acquisition for...

January 20, 2023

Forbes: Thousands Of PayPal Accounts Hacked—Is Yours One Of Them?

According to a PayPal notice of security incident dated January...


B2B Cyber Security: Cybersecurity Trends for 2023

Perhaps the FIDO Alliance’s passkey solution is the first truly...


Sky News: ‘Passkeys’ mean you ‘never need to know a password’

Image Matrix Tech Editor Djuro Sen says “passkeys”, developed by...

Download Authn Specs
Sign up for updates!Get news from FIDO Alliance in your inbox.

By submitting this form, you are consenting to receive communications from: FIDO Alliance, 3855 SW 153rd Drive, Beaverton, OR 97003, US, http://www.fidoalliance.org. You can revoke your consent to receive emails at any time by using the unsubscribe link found at the bottom of every email.