That’s possible by using a specific Microsoft 365 consent app that gives attackers access to the user’s email. These consent apps are actually Microsoft 365 OAuth applications. At the moment, this phishing campaign takes the form of a new Terms of Service agreement that Coinbase users are told they must read and accept in order to continue using the service. Campaigns like this have happened repeatedly over the past few years. Here’s what one user said:

How to protect your Microsoft 365 account from Coinbase phishing?

You are asked to log in to your Microsoft account. Pay attention to the URL and check whether it asks for the User.Read, Mail.Read, and Mail.ReadWrite permissions. Once signed in to your Microsoft account, you’ll see a new prompt asking you to allow an app from coinbaseterms.app to access your account. At this point, do not accept the app’s request, or you risk becoming the victim of a fraud that may have a huge impact on your security. The security token associated with your account will fall into the wrong hands and be compromised in no time. Hackers will be able to access your mail, contacts, personal notes, and any sensitive information stored in your cloud storage. Let us know in the comments below if this has ever happened to you.
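As an added example (not from the article), this Python script takes a Microsoft identity platform consent URL of the kind the article tells readers to inspect, pulls out the requested permissions and the redirect host, and flags mailbox scopes such as Mail.Read and Mail.ReadWrite; the sample URL, its placeholder client_id and the scope list are constructed for illustration.

```python
from urllib.parse import urlparse, parse_qs

# Delegated permissions that hand a third-party app the user's mailbox (the
# ones the article tells readers to look for) plus a few related ones.
MAILBOX_SCOPES = {"mail.read", "mail.readwrite", "mail.send", "mailboxsettings.readwrite"}
# offline_access turns a one-off consent into long-lived access via refresh tokens.
PERSISTENCE_SCOPES = {"offline_access"}

def _normalize_scope(scope: str) -> str:
    # Permissions may be written as bare names (Mail.Read) or as full resource
    # URIs (https://graph.microsoft.com/Mail.Read); compare the name part only.
    return scope.rstrip("/").rsplit("/", 1)[-1].lower()

def assess_consent_url(url: str) -> dict:
    """Break down an authorize URL and flag scopes that would give the
    consenting app access to the user's mailbox."""
    parts = urlparse(url)
    params = parse_qs(parts.query)
    # parse_qs already decodes %20 and '+'; the scope value is space-separated.
    raw_scopes = params.get("scope", [""])[0].split()
    scopes = sorted({_normalize_scope(s) for s in raw_scopes})
    redirect = urlparse(params.get("redirect_uri", [""])[0])
    mailbox = sorted(s for s in scopes if s in MAILBOX_SCOPES)
    persistent = any(s in PERSISTENCE_SCOPES for s in scopes)
    is_ms_login = parts.hostname in ("login.microsoftonline.com", "login.live.com")
    return {
        "is_microsoft_login_host": is_ms_login,
        "client_id": params.get("client_id", [""])[0],
        "redirect_host": redirect.hostname or "",
        "scopes": scopes,
        "mailbox_scopes": mailbox,
        "persistent_access": persistent,
        # A genuine Microsoft sign-in page requesting mailbox scopes on behalf of an
        # unfamiliar third-party redirect host is the consent-phishing pattern.
        "risky": is_ms_login and bool(mailbox),
    }

# Constructed sample resembling the campaign described above; the client_id is a placeholder.
SAMPLE_URL = ("https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
              "?client_id=00000000-0000-0000-0000-000000000000&response_type=code"
              "&redirect_uri=https%3A%2F%2Fcoinbaseterms.app%2Fcallback"
              "&scope=User.Read%20Mail.Read%20Mail.ReadWrite%20offline_access")

if __name__ == "__main__":
    for key, value in assess_consent_url(SAMPLE_URL).items():
        print(f"{key}: {value}")
```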
