Phishing on T-Mobile's Okta

Published on:

June 13, 2022

On This Page

A small list of domains we are seeing registered

We're seeing what could be a precursor to a phishing attack on T-Mobile's Okta instance. The domains we're seeing are registered through CSC Global and Namecheap, hosted on Linode and DigitalOcean We'll keep you posted on updates, in the meantime, here are the domains:
okta-tmobiie[.]net
t-mobile-okta[.]us
okta-oath[.]com
t-mobile-okta[.]com
okta-tmobile[.]org
okta-tmo[.]org"

Related Content

SecuritySnacks

Cybersecurity Reading List - Week of 2026-02-02

Commentary followed by links to cybersecurity articles and resources that caught our interest internally.

Learn More

SecuritySnacks

SecuritySnack: Phishing Interviews

Phishing campaign targets job seekers with fake career portals and interview invites, stealing ID.me credentials and deploying malware since August 2025.

Learn More

SecuritySnacks

Pay to Lose: Dubious Online Gambling Games

Be wary of "real money" games this New Year. This report uncovers hundreds of fake Android gambling apps using spoofed reviews, fake win declarations, and "waistcoat" shells to trick users into sideloading unregulated, predatory gambling software.

Learn More

Phishing on T-Mobile's Okta

A small list of domains we are seeing registered

Heading