Header image overlay

Hackers visa OAuth API to access Office 365 accounts

OAuth (Open Authorization) is an authorization protocol that allows you to log in to another server, website or cloud portal using an existing login. A well-known example of this is logging in via your Google or Facebook account. For example, in the case of mobile apps. Microsoft uses this same open standard to allow other cloud services to connect to Office 365. For example, a Dropbox account that is synchronized with OneDrive or new Facebook posts that are written in an Excel document.

A blessing for users or hackers?

Despite the ease of use, there are also dangers: not all applications are equally transparent about the access rights obtained. Moreover, users appear to be nonchalant in granting access, so it should come as no surprise that there are more and more reports of affected users. This is also the case with Office 365 customers: on the Internet you can find numerous examples of Outlook users where e-mails were encrypted.

Screenshot hacked Outlook mailbox

Turn off ‘Application Consent by Users’ our advice!

Hackers have clearly changed the gun from shoulder to shoulder. In order to gain access to our valuable data, they no longer extract login data, but try to connect to malicious applications. For example, with Office 365 users. Our advice? As an administrator in Azure Active Directory, please enable ‘Application Consent by Users‘ off. As a result, end-users can no longer grant new rights to third-party applications. An action that also recommended by Microsoft.

Disabling this option has no effect on existing applications or on the operation of your Office 365 environment.

Is your Office 365 managed by us?

Then you can rest assured: this option has already been pre-emptively deactivated for all our customers. If you, as an admin, still want to enable this function again, we recommend that you first use the ‘Admin Consent Workflow‘ configurable so that new connections can first be approved by an administrator.

If you have any questions about this message, don't hesitate to contact us in time. contactable.

“Hackers have clearly changed the gun from shoulder to shoulder. To access our precious data, they no longer extract our login details, but try to connect through malicious applications.”

Written by:

Tom Hufkens
Marketing Manager at VanRoey

A familiar face at VanRoey for 15 years. Literally and figuratively: because of his role as Marketing Manager, he is regularly at the centre of our communication. He regularly shares his experiences of new marketing methods during workshops & events.

What will the future bring? Get an exclusive tour & plenty of inspiring sessions at the revamped Living Tomorrow. It promises to be another great and educational year-end event! See you there?

Attention: limited number of places!