Beware of video call links that are attempts to steal Microsoft 365 access, researchers tell NGOs

Russia-linked hackers are continuing to develop ways to trick people into giving them access to their organizations’ Microsoft 365 environments, according to researchers.
The latest example, cited by cybersecurity company Volexity, involves “highly targeted social engineering operations” aimed at nongovernmental organizations with ties to Ukraine. The goal is to capture access tokens for victims’ M365 accounts by abusing OAuth, a protocol that lets applications obtain access to a user’s account without handling the user’s password.
The scheme typically starts with a phishing attempt through a messaging app like Signal or WhatsApp inviting potential victims “to join a video call to discuss the conflict in Ukraine,” Volexity says.
Read more at The Record