Microsoft warns of increasing OAuth Office 365 phishing attacks (February 2021)
Microsoft has warned of an increasing number of consent phishing attacks targeting remote workers during recent months, BleepingComputer has learned.
Consent phishing is an application-based attack variant where the attackers attempt to trick targets into providing malicious Office 365 OAuth apps with access to their Office 365 accounts.
Microsoft warned of phishers' shift to new types of phishing tactics such as consent phishing in July 2020, adding to other, more conventional phishing vectors such as email phishing and credential theft attacks.
At the time, multiple phishing campaigns were launching consent phishing attacks against Microsoft customers, trying to take control of their accounts, steal sensitive data, and later use them to defraud organizations in Business Email Compromise (BEC) schemes.
Microsoft took legal action and dismantled part of the attack infrastructure by taking down six of the domains that hosted the malicious Office 365 OAuth apps used to hijack customers' Office 365 accounts.
Starting with October 2020, Microsoft announced that Office 365 consent phishing protections are generally available, including app consent policies and OAuth app publisher verification.