ConsentFix and ClickFix: Microsoft 365 hijacks
🔒 Modern phishing variants like ClickFix and the newer ConsentFix convert routine user actions into account takeover opportunities. Attackers trick victims into executing keyboard shortcuts or dragging callback links, which hands over OAuth tokens and session access to Microsoft 365 services without passwords or MFA bypass. The technique relies on familiar workflows and readily available tooling, with public sharing of blueprints lowering the barrier to entry.
