A phishing campaign has been discovered that doesn’t target a recipient’s username and password, but rather uses the novel approach of gaining access to a recipient’s Office 365 account and its data through the Microsoft OAuth API.
Almost all Microsoft Office 365 phishing attacks that we see are designed to steal a user’s login name and password by impersonating a Microsoft login landing page.
In a phishing campaign discovered by threat intelligence and mitigation firm PhishLabs, attackers are no longer targeting a user’s login credentials, but are now using Microsoft Office 365 OAuth apps to hijack a recipient’s account.
PhishLabs has offered some Office 365 guidelines to help users avoid malicious OAuth applications:
To learn more about how you can protect your Office 365 data, check out Datto SaaS Protection. Engineered to be the leading, one-stop-shop for cloud-to-cloud SaaS application backup, SaaS Protection gives you consistently reliable granular backups, quick and easy restores and exports, secured data for compliance and regulatory needs, and world-class 24/7/365 support. Join the 3.5 million end users already protected by Datto SaaS Protection. Learn more today!