Hackers Deploy Malicious OAuth Apps to Compromise Email Servers, Spread Spam
The spam emails were sent to trick recipients into signing up for fake paid subscriptions
Spam can deliver phishing links, malware, and fraudulent messages, making it a path for account theft and other cyberattacks.
Search across headline titles and summaries.
Background for this topic.
Spam is unsolicited, usually bulk messaging sent through email, text messages, social platforms, or other communication services. It may be commercial advertising, but security-relevant spam commonly includes deceptive messages designed to look like trusted communications. Automated campaigns can target large numbers of recipients at low cost, while compromised accounts and spoofed sender identities can make messages appear more credible.
Spam is a delivery channel for phishing, malware, fraudulent payment requests, and credential theft; links or attachments should therefore be treated as untrusted until verified. Defenses include reputation and content filtering, user reporting, attachment and URL analysis, and email authentication controls such as SPF, DKIM, and DMARC to reduce sender spoofing. Security teams should preserve relevant message headers and indicators when investigating campaigns, blocking associated infrastructure and checking whether recipients interacted with the content.
The spam emails were sent to trick recipients into signing up for fake paid subscriptions
Cybercriminals took control of enterprise Exchange Servers to spread large amounts of spam aimed at signing people up for bogus subscriptions.
Microsoft on Thursday warned of a consumer-facing attack that made use of rogue OAuth applications on compromised cloud tenants to ultimately seize control of Exchange servers and spread spam