Token Blog: Phishing and Ransomware Articles

Scattered Spider Is Hunting the Fortune 500. Your MFA Still Won’t Stop Them

Written by Kevin Surace | Jul 22, 2025 2:03:49 PM

A new report from CyberCube just confirmed what many of us in cybersecurity have long suspected: Scattered Spider is targeting hundreds of major enterprises with precision. Nearly 300 companies—each with over $500 million in annual revenue—have been flagged as high-risk. Why? Because they’re still running the same legacy technologies this threat group exploits with shocking ease.

Microsoft Active Directory. Okta. Remote management tools. Soft underbellies left wide open by systems that rely on outdated, easily bypassed MFA and auth apps.

This group doesn’t need advanced malware. They use voice phishing and social engineering to trick IT help desks into handing over credentials or bypassing MFA. And when MFA means push prompts or 6-digit codes? That’s game over.

We’ve seen them hit retail, insurance, hospitality, and now airlines—all in the past few months. Marks & Spencer. Aflac. Hawaiian Airlines. The pattern is obvious. The playbook hasn’t changed. And neither has the vulnerability: authenticator apps, SMS codes, and fallbacks that still trust the user too much.

Token Ring and Token BioStick render these attacks useless.

They don’t rely on push notifications, shared secrets, or user judgment. They don’t sync to the cloud. They don’t respond to spoofed domains. Instead, they verify identity using a live biometric fingerprint, stored only in hardware, and tied cryptographically to the exact domain being accessed.

If a Scattered Spider operator tried their usual real-time phishing trick, Token would simply refuse to authenticate. No match? No login. No breach.
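The domain binding described above, modelled as an added example (not Token's code or protocol): the device holds a separate key for each registered domain and signs the server's challenge together with a hash of that domain, so a look-alike domain gets no usable answer. The type and function names, the choice of Ed25519, the message layout and the example domains are assumptions made for illustration, and the biometric unlock step is not represented.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Authenticator models a hardware key holding one private key per domain (constructed model).
type Authenticator struct{ keys map[string]ed25519.PrivateKey }

func NewAuthenticator() *Authenticator { return &Authenticator{keys: map[string]ed25519.PrivateKey{}} }

// Register creates a key pair scoped to domain and returns the public half.
func (a *Authenticator) Register(domain string) ed25519.PublicKey {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // error ignored: system RNG assumed available
	a.keys[domain] = priv
	return pub
}

// signedMsg binds the challenge to the domain: SHA-256(domain) || challenge.
func signedMsg(domain string, challenge []byte) []byte {
	h := sha256.Sum256([]byte(domain))
	return append(h[:], challenge...)
}

// Sign takes the domain the client is connected to, not one the user reads or types.
func (a *Authenticator) Sign(domain string, challenge []byte) ([]byte, bool) {
	priv, ok := a.keys[domain]
	if !ok {
		return nil, false // look-alike or unknown domain: no key, no answer
	}
	return ed25519.Sign(priv, signedMsg(domain, challenge)), true
}

// Verify is the server-side check, always made against the server's own domain.
func Verify(pub ed25519.PublicKey, domain string, challenge, sig []byte) bool {
	return ed25519.Verify(pub, signedMsg(domain, challenge), sig)
}

func main() {
	a := NewAuthenticator()
	pub := a.Register("login.example.com") // constructed domain
	sig, _ := a.Sign("login.example.com", []byte("nonce"))
	_, ok := a.Sign("login.examp1e.com", []byte("nonce")) // constructed look-alike
	fmt.Println(Verify(pub, "login.example.com", []byte("nonce"), sig), ok)
}
```

A 6-digit code or an approved push carries no such binding, which is why it stays valid when it is entered on, or relayed through, a different site.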

Here’s the bottom line:

If your authentication system can be bypassed by a fake call to the help desk, or a user clicking a bad link, it’s already obsolete.
Token stops that entire class of attack.

We can’t say we weren’t warned. The attackers are known. Their methods are public. The risk is documented. Now the question is: Are you still relying on MFA that can be phished? Or have you deployed something that actually stops the breach?

Request a demo to learn how we can lock down your workforce in just one day.