Wednesday, July 1, 2026

Microsoft Flags New OAuth-Based Phishing Attack Targeting Public Sector


A new phishing campaign has been discovered that abuses the redirection built into the OAuth login flow. Security researchers from Microsoft Defender say attackers are using OAuth’s normal redirection feature to send users to malicious websites. Unlike traditional phishing attacks that try to steal passwords or tokens directly, this method deliberately triggers an error in the authentication process, so the identity system automatically redirects the victim’s browser.

The campaign mainly targets government and public-sector organisations. Because the links use trusted identity provider domains, many security filters fail to detect the attack easily.

New OAuth Phishing Attack Uses Redirect Trick

This new OAuth phishing attack works by abusing the normal error-handling process defined in the OAuth standard. Attackers first register fake applications inside their own cloud tenants. They then configure redirect links that lead to domains they control.

Phishing emails are sent with special OAuth authorisation links. These links target the Microsoft Entra ID login endpoint and include parameters designed to break the login process. For example, attackers request an invalid permission, so the authentication attempt fails.

When the request fails, the identity system automatically redirects the browser to the attacker’s registered redirect link. Since this redirect is part of normal OAuth behaviour, many email and browser security systems do not block it.

Five-Stage Phishing Attack Chain Explained

Researchers say the campaign follows a five-stage phishing attack chain. First, attackers send phishing emails related to e-signatures, financial documents, or meeting invites. Automated tools help them send large numbers of messages.

Second, clicking the link triggers a silent OAuth check. The link may also contain the victim’s encoded email address.

Third, the authentication request fails, and the system redirects the user to the attacker’s website. Fourth, victims may be taken to phishing pages or prompted to download malicious ZIP files.

Finally, malware can run PowerShell commands, collect system information, and connect to attacker-controlled servers.
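For defenders, the link shape described in the first two stages can be checked before a user ever clicks. The following is an added example, not code from Microsoft or from this article: it scores authorisation links found in email against allow-lists of approved apps, expected permissions and trusted redirect hosts, and looks for the recipient's address hidden in any parameter. The client IDs, hostnames, scope list and sample links are constructed assumptions.

```python
import base64
from urllib.parse import urlsplit, parse_qs

# Constructed allow-lists: replace with the apps, scopes and hosts your tenant uses.
IDP_HOSTS = {"login.microsoftonline.com"}
APPROVED_CLIENT_IDS = {"11111111-1111-1111-1111-111111111111"}
EXPECTED_SCOPES = {"openid", "profile", "email", "offline_access"}
TRUSTED_REDIRECT_HOSTS = {"portal.agency.example"}

def decoded_forms(value):
    """Return the value plus its base64url and hex decodings where they parse."""
    forms = [value]
    try:
        padded = value + "=" * (-len(value) % 4)
        forms.append(base64.urlsafe_b64decode(padded).decode("utf-8", "ignore"))
    except ValueError:
        pass
    try:
        forms.append(bytes.fromhex(value).decode("utf-8", "ignore"))
    except ValueError:
        pass
    return forms

def score_link(url, recipient):
    """List the signals that make an emailed authorisation link suspicious."""
    parts = urlsplit(url)
    path = parts.path.lower()
    on_idp = (parts.hostname or "").lower() in IDP_HOSTS
    if not on_idp or "/oauth2/" not in path or not path.endswith("/authorize"):
        return []  # not an authorisation request to the identity provider
    q = {k.lower(): v[0] for k, v in parse_qs(parts.query).items()}
    findings = []
    if q.get("client_id", "").lower() not in APPROVED_CLIENT_IDS:
        findings.append("unapproved_client_id")
    if set(q.get("scope", "").lower().split()) - EXPECTED_SCOPES:
        findings.append("unexpected_scope")
    redirect = q.get("redirect_uri")
    if redirect and (urlsplit(redirect).hostname or "").lower() not in TRUSTED_REDIRECT_HOSTS:
        findings.append("untrusted_redirect_host")
    for name, value in q.items():
        if any(recipient.lower() in form.lower() for form in decoded_forms(value)):
            findings.append("recipient_in_" + name)
    return findings

def sample_links(recipient):
    """Constructed samples: one lure-shaped link and one ordinary sign-in link."""
    tag = base64.urlsafe_b64encode(recipient.encode()).decode().rstrip("=")
    base = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
    lure = (base + "?client_id=22222222-2222-2222-2222-222222222222&response_type=code"
            "&scope=not.a.real.scope&redirect_uri=https%3A%2F%2Flanding.attacker.example%2Fdoc"
            "&state=" + tag)
    normal = (base + "?client_id=11111111-1111-1111-1111-111111111111&response_type=code"
              "&scope=openid+profile&redirect_uri=https%3A%2F%2Fportal.agency.example%2Fcb&state=x9f3")
    return lure, normal
```

Because the identity provider's hostname is trusted, the approved-app check carries most of the weight; a link can omit `redirect_uri` entirely and still fail that check.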
