Microsoft says criminals are misusing OAuth apps to launch scam attacks

Microsoft says its Threat Intelligence team has been observing financially motivated attacks and scams using OAuth apps as automation tools.

In a new post, the team explained how threat actors have compromised user accounts to create, modify, and grant high privileges to OAuth apps to hide malicious activity.