Once you work from home (remote working) has become indispensable for many companies, banks si institutions, the strategy of cyber attackers has also changed.
Microsoft warns that more and more have appeared malicious applications concerning Office 365 accounts, and the method of OAuth token security is canceled if the user accepts access to such applications in your Office 365 account.
It is a phishing method "Fashionable" in this period, which is based on inattention and ignorance of users.
An e-mail is sent contains a link to an "interesting" application, which at first glance does not arouse suspicion. Moreover, it can come as an installation recommendation from the company or bank where the user is employed.
But if the user falls into the trap and gives access to the application to Microsoft Office 365, in the future that application will not be blocked by OAuth. They can hide behind applications API through which numerous queries can be made to the Office account 365. Account from which the attackers can obtain confidential information and extract sensitive data with the help of the application, without the user noticing this.
Everything works on the same system through which in the past the applications from Google Play for the "flashlight" requested access including the contact list. Once the user's permission was received, the application could transport confidential data to third-party malicious sources in the background.
Facebook has also faced such problems in the past, when third-party applications had access to more data than they needed, data that turned out to be sold to various communications agencies.
As for Microsoft Office 365 users working these days from home, it is good to know that any incoming mail that invites you to install an application for Office 364, must be checked in advance by an IT department. Only after this department agrees can the application gain access to your Office 365 account.
The best protection against phishing is always user caution. Links and applications received by e-mail and opened or installed without verification can cause large data loss and compromise careers.