Microsoft has issued an advisory warning about “consent phishing,” or application-based phishing attacks that rely on users granting permissions to malicious apps. These attacks aren’t as well-known or as obvious as credential-harvesting or email-based phishing attacks, but they can be just as dangerous.