The remote work scenario has seen more organizations shift to Microsoft 365.
Threat actors are using this chance to launch a new phishing campaign spreading malicious Azure apps.

Infographics - Beware of malicious Azure apps
Download Infographic

Download and share the infographic for free with employees.

How does it work?

  1. Phishing email asks the users to install an Azure app via a URL.
  2. Users click on the URL and reach an attacker-controlled website.
  3. Users are redirected to a genuine Microsoft login page.
  4. Once logged in, a token is generated for the malicious app.
  5. Users are prompted to authorize permissions for the malicious app.

We recommend the following

  1. Be cautious of emails asking to install apps and update patches.
  2. Verify the sender’s email ID before acting on an email.
  3. Carefully filter out unnecessary permissions before activating an app.