Security awareness

New phishing campaign targeting OAuth tokens

Nimblr has noticed an increase in phishing attacks that steal users’ OAuth authentication tokens, giving the attackers full access to the victim’s email, calendar, and contacts.

OAuth is an authentication method that uses tokens to access online services such as Microsoft 365, Google Workspace and other services. The new phishing attacks trick users into granting malicious apps access to rights and settings in various systems.

Unlike traditional phishing, the user does not have to enter their password; it is often enough to just click “accept” for the attack to succeed. Microsoft and other service providers have recently warned of the increasing amount of “consent phishing”. The attackers try to create a sense of urgency and instruct the recipient to approve access to various systems, e.g. email, Facebook, Microsoft or Gmail.
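For administrators reviewing which apps users have already approved, the added example below (not Nimblr's code) scores OAuth consent grants and flags those that combine access to email, calendar or contacts with an unverified publisher. The record layout, sample data, weights and threshold are assumptions made for illustration; the scope names are Microsoft Graph delegated permissions.

```python
from datetime import datetime, timedelta, timezone

# Microsoft Graph delegated scope families for the data named above:
# email, calendar and contacts. offline_access lets an app keep a refresh token.
SENSITIVE_PREFIXES = ("mail.", "calendars.", "contacts.")

NOW = datetime(2024, 1, 15, tzinfo=timezone.utc)  # fixed "today" so results are stable
# Constructed sample records; the field layout is hypothetical, not a real API response.
GRANTS = [
    {"app": "Contoso Expense", "publisher_verified": True, "user": "anna@example.com",
     "scopes": "User.Read Calendars.Read", "consented_at": NOW - timedelta(days=200)},
    {"app": "Document Viewer Pro", "publisher_verified": False, "user": "erik@example.com",
     "scopes": "User.Read Mail.ReadWrite Contacts.Read Calendars.Read offline_access",
     "consented_at": NOW - timedelta(days=1)},
    {"app": "Team Poll", "publisher_verified": False, "user": "sara@example.com",
     "scopes": "User.Read", "consented_at": NOW - timedelta(days=2)},
]

def score_grant(grant, now, recent=timedelta(days=7)):
    """Return (score, reasons) for one consent grant; weights are illustrative."""
    scopes = [s.lower() for s in grant["scopes"].split()]
    hit = sorted({s.split(".")[0] for s in scopes if s.startswith(SENSITIVE_PREFIXES)})
    score, reasons = 0, []
    if hit:
        score += 2 * len(hit)
        reasons.append("access to: " + ", ".join(hit))
    if hit and "offline_access" in scopes:
        score += 2
        reasons.append("offline_access keeps access after the session ends")
    if not grant["publisher_verified"]:
        score += 3
        reasons.append("unverified publisher")
    if now - grant["consented_at"] <= recent:
        score += 1
        reasons.append("consented within the last 7 days")
    return score, reasons

def triage(grants, now, threshold=6):
    """Return (score, reasons, grant) tuples at or above threshold, highest first."""
    scored = [(*score_grant(g, now), g) for g in grants]
    return sorted((t for t in scored if t[0] >= threshold), key=lambda t: -t[0])

if __name__ == "__main__":
    for score, reasons, grant in triage(GRANTS, NOW):
        print(f"{score:>2}  {grant['app']} ({grant['user']})")
        for reason in reasons:
            print("      - " + reason)
```

A flagged grant is a prompt to review the app and, if it is not recognised, revoke its consent; changing the user's password alone does not invalidate a token the app already holds.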

New threats and attacks spread rapidly on the Internet. What happened yesterday is old news today. Nimblr Security Awareness is therefore continually updated with new Zero-Day training sessions and associated simulations based on current attacks and threats.

