An attack where victims are tricked into granting OAuth permissions to a malicious application. Instead of stealing passwords, the attacker gains persistent API access to the victim's cloud accounts through authorized app consent.
Related Terms
Credential Harvesting
(phishing) The process of collecting usernames, passwords, and other authentication credentials through fake login pages, keylogger...
OAuth
(authentication) An open authorization framework that enables third-party applications to access user resources without exposing password...
Phishing
(phishing) A cyberattack that uses fraudulent emails, text messages, or websites to trick people into revealing sensitive informati...