Microsoft Warns of “Upgrade” Phishing Attack Targeting Hundreds of Office 365 Customers
January 27, 2022
Microsoft has just issued a warning about a phishing attack that tricks users into consenting to an “Upgrade”. The “upgrade” is actually a malicious app, and consenting to it authorizes the attackers to create inbox rules, read and write emails and calendar items, and read contacts. Microsoft’s security intelligence service, using machine learning, picked up on the suspicious OAuth permission request used by the app.
“The phishing messages mislead users into granting the app permissions that could allow attackers to create inbox rules, read and write emails and calendar items, and read contacts. Microsoft has deactivated the app in Azure AD and has notified affected customers,” Microsoft said in a tweet.
Microsoft recently said that consent-phishing emails, or “illicit consent grants”, that abuse OAuth requests have steadily increased over the past few years.
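For defenders reviewing their own tenant, the following is an added example (not from Microsoft or from this article) that audits delegated OAuth grants for the permission combination described above. The scope names are an assumed mapping of the article's wording onto Microsoft Graph delegated permissions, the records are constructed samples shaped like Graph `oauth2PermissionGrant` objects, and the `min_hits` threshold is an illustrative choice.

```python
# Assumed mapping: the article names capabilities, not scope strings.
RISKY_SCOPES = {
    "MailboxSettings.ReadWrite": "create inbox rules",
    "Mail.ReadWrite": "read and write emails",
    "Calendars.ReadWrite": "read and write calendar items",
    "Contacts.Read": "read contacts",
}

# Constructed sample grants (IDs are placeholders, not real indicators).
SAMPLE_GRANTS = [
    {"clientId": "app-upgrade-0001", "consentType": "Principal", "principalId": "user-a",
     "scope": "openid offline_access Mail.ReadWrite MailboxSettings.ReadWrite "
              "Calendars.ReadWrite Contacts.Read"},
    {"clientId": "app-upgrade-0001", "consentType": "Principal", "principalId": "user-b",
     "scope": " mail.readwrite  Contacts.Read "},
    {"clientId": "app-notes-0002", "consentType": "AllPrincipals", "principalId": None,
     "scope": "User.Read openid profile"},
    {"clientId": "app-crm-0003", "consentType": "Principal", "principalId": "user-c",
     "scope": "Contacts.Read"},
]

def risky_scopes(grant):
    """Risky scopes present in one grant; tolerant of case, extra spaces, missing scope."""
    granted = {s.lower() for s in (grant.get("scope") or "").split()}
    return sorted(name for name in RISKY_SCOPES if name.lower() in granted)

def audit(grants, min_hits=2):
    """Group grants by app; keep apps where a single grant holds >= min_hits risky scopes."""
    findings = {}
    for g in grants:
        hits = risky_scopes(g)
        if len(hits) < min_hits:
            continue
        entry = findings.setdefault(g["clientId"], {"users": set(), "scopes": set()})
        # Admin (tenant-wide) consent has no principalId; record it explicitly.
        entry["users"].add(g.get("principalId") or "ALL-USERS")
        entry["scopes"].update(hits)
    return findings

if __name__ == "__main__":
    for app, f in audit(SAMPLE_GRANTS).items():
        what = ", ".join(RISKY_SCOPES[s] for s in sorted(f["scopes"]))
        print(f"{app}: consented by {sorted(f['users'])} -> can {what}")
```

Grouping by `clientId` shows how many users consented to the same app, which is the signal that separates a phishing campaign from a one-off grant.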