MICROSOFT has warned users of a new phishing scam that uses a fake app to steal their information.

Threat actors have been targeting Microsoft 365 users with a fraudulent app that steals their OAuth authentication token. Targeting a user's OAuth – a standard that gives websites access to a user's login information – can get hackers full access to a victim's email, calendar, and contacts.

Microsoft learned of the phishing scam from a Twitter user with the handle @ffforward. "Massive active image-based #phishing campaign missed by Defender for @Office365 for several days," the tweet revealed, prompting Microsoft to do its own investigation.

Use authentic sites like aka.ms/authapp.

The tech giant discovered that the hacker group has been targeting Microsoft 365 users with an app called Upgrade. They also uncovered that the app was using the publisher name 'Counseling Services Yuma PC.'

The threat actors have been sending emails to potential victims with an OAuth request that sends an OAuth token back to the actors once the users have signed into a serv
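The article names the app and its publisher and says the stolen token opens email, calendar and contacts. As an added example (not from the article or from Microsoft), this Python script triages an export of user consent grants for that name pair and for scopes covering that data. The flat record layout and the scope-prefix list are assumptions, and the sample records are constructed.

```python
# Values the article reports for the malicious app (compared case-insensitively).
REPORTED = {"app_name": "upgrade", "publisher": "counseling services yuma pc"}
# Assumption: scope prefixes for the data the article lists (email, calendar, contacts).
SENSITIVE_PREFIXES = ("mail.", "calendars.", "contacts.")

# Constructed sample records; the flat layout is a hypothetical export format.
# "scope" is a space-separated string of delegated permissions.
SAMPLE_GRANTS = [
    {"user": "alice@example.com", "app_name": "Upgrade",
     "publisher": "Counseling Services Yuma PC",
     "scope": "openid offline_access Mail.Read Contacts.Read Calendars.Read"},
    {"user": "bob@example.com", "app_name": "Notes Sync",
     "publisher": "Example Vendor", "scope": "openid profile User.Read"},
    {"user": "carol@example.com", "app_name": "Inbox Helper",
     "publisher": "", "scope": "offline_access Mail.ReadWrite"},
    {"user": "dave@example.com", "app_name": " UPGRADE ",
     "publisher": "counseling services yuma pc", "scope": "User.Read"},
]

def _norm(value):
    """Collapse whitespace and case so display-name variations still match."""
    return " ".join((value or "").split()).casefold()

def sensitive_scopes(scope_string):
    """Return the granted scopes that reach mail, calendar or contact data."""
    return sorted(s for s in (scope_string or "").split()
                  if s.casefold().startswith(SENSITIVE_PREFIXES))

def triage(grant):
    """List the reasons a single consent grant deserves review (empty if none)."""
    reasons = []
    hits = [k for k, v in REPORTED.items() if _norm(grant.get(k)) == v]
    if hits:
        reasons.append("matches reported " + " and ".join(hits))
    scopes = sensitive_scopes(grant.get("scope"))
    if scopes:
        reasons.append("mailbox-data scopes: " + ", ".join(scopes))
        if "offline_access" in (grant.get("scope") or "").casefold().split():
            reasons.append("offline_access keeps access alive via refresh tokens")
    return reasons

def review(grants):
    """Map each user to the review reasons for their grant, skipping clean ones."""
    return {g["user"]: r for g in grants if (r := triage(g))}

if __name__ == "__main__":
    for user, reasons in review(SAMPLE_GRANTS).items():
        print(user, "->", "; ".join(reasons))
```

A grant flagged here is a candidate for revocation and for a check of what the app read while the token was valid; a name match alone is only a lead, since "Upgrade" is a generic display name.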