The Microsoft Security Intelligence team is warning that Office 365 customers are receiving phishing emails that aim to trick them into giving OAuth permissions to a bogus app that then lets attackers read and write emails. The team reported that attackers are sending the OAuth phishing emails to "hundreds" of Office 365 customers.
OAuth is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other we