What is OAuth token abuse?
OAuth lets a user delegate limited access to their account to a third-party application without handing over their password: after the user approves a consent prompt at the identity provider, the application receives an access token (and usually a refresh token) scoped to the permissions the user approved. OAuth token abuse, also called consent phishing or an illicit consent grant, is the attack in which the adversary registers an application of their own and tricks the user into approving it. The resulting tokens give the attacker API access to the account that does not depend on knowing the password, is not stopped by MFA (the user completed MFA before reaching the consent screen), and, with a refresh token and the `offline_access` scope, persists until the grant is revoked. A password reset does not by itself remove the consent grant; the authorization has to be revoked explicitly.
Email attack vector: a phishing message impersonates a legitimate service (a document-sharing notification, a "review your mailbox settings" notice) and links to a real consent page at the genuine identity provider. Because the domain is authentic, URL checks and credential-phishing training do not fire; the only attacker-controlled elements are the application's name, logo and requested scopes, which are chosen to look like the impersonated service. If the victim clicks Accept, the provider redirects to the attacker's registered redirect URI with an authorization code, which the attacker exchanges for access and refresh tokens. The victim never types a password on an attacker site, so credential-theft detections miss the event.
Defense: on the user side, review authorized applications regularly, revoke anything unused or unrecognised, and treat consent prompts that arrive via email or from an unfamiliar context as suspicious, especially when they ask for mailbox, file or offline access. On the administrator side, restrict which applications users may consent to (for example only verified publishers or low-privilege scopes), require admin approval for high-privilege scopes, alert on new consent grants and new application registrations, and when revoking, remove the grant and invalidate the application's refresh tokens rather than just resetting the password. Consent phishing awareness training complements credential-phishing training rather than replacing it, because the two attacks look different to the user.
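The review-and-revoke step above is easiest to do consistently as a script that scores every consent grant and produces a revocation queue. The following is an added example, not code from the original page; the grant records are constructed, and field names such as `publisher_verified`, `consent_type` and `last_used_at` are a hypothetical normalised schema, not any identity provider's real API.

```python
"""Score OAuth consent grants to find likely consent-phishing footholds.

Added example, not code from the original page. The grant records are
constructed, and the field names form a hypothetical normalised schema
rather than any identity provider's real API.
"""
from __future__ import annotations

from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Scopes that let an app read or send mail, touch files, or keep access
# after the user's session ends (offline_access issues a refresh token).
HIGH_RISK_SCOPES = {
    "offline_access",
    "Mail.ReadWrite",
    "Mail.Send",
    "MailboxSettings.ReadWrite",
    "Files.ReadWrite.All",
    "https://mail.google.com/",
}

# Fixed "now" so the sample data and scores are reproducible.
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)


@dataclass
class Grant:
    app_name: str
    publisher_verified: bool
    scopes: list[str]
    granted_at: datetime
    last_used_at: Optional[datetime]   # None: the token was never exercised
    consent_type: str                  # "user" or "admin"


@dataclass
class Finding:
    app_name: str
    risk: int
    reasons: list[str]


def assess(grant: Grant, now: datetime, stale_days: int = 90) -> Finding:
    """Add up independent risk signals for one grant."""
    reasons: list[str] = []
    risk = 0
    risky = sorted(HIGH_RISK_SCOPES & set(grant.scopes))
    if risky:
        risk += 3
        reasons.append("high-privilege scopes: " + ", ".join(risky))
    if not grant.publisher_verified:
        risk += 2
        reasons.append("publisher not verified")
    if risky and grant.consent_type == "user":
        risk += 1
        reasons.append("high-privilege scopes approved by end-user consent, no admin review")
    if grant.last_used_at is None or now - grant.last_used_at > timedelta(days=stale_days):
        risk += 1
        reasons.append(f"unused for more than {stale_days} days")
    return Finding(grant.app_name, risk, reasons)


def audit(grants: list[Grant], now: datetime, threshold: int = 4) -> list[Finding]:
    """Return grants at or above the threshold, riskiest first: the revocation queue."""
    findings = [assess(g, now) for g in grants]
    return sorted((f for f in findings if f.risk >= threshold), key=lambda f: -f.risk)


def sample_grants(now: datetime) -> list[Grant]:
    """Constructed records: a consent-phishing style grant, a benign SSO login,
    and a legitimate but stale sync app that should still be revoked."""
    return [
        Grant("Mail Helper Pro", False,
              ["offline_access", "Mail.ReadWrite", "Mail.Send"],
              granted_at=now - timedelta(days=2), last_used_at=now - timedelta(hours=1),
              consent_type="user"),
        Grant("Meetings SSO", True, ["openid", "profile", "email"],
              granted_at=now - timedelta(days=400), last_used_at=now - timedelta(days=1),
              consent_type="user"),
        Grant("Old Calendar Sync", True, ["Calendars.ReadWrite", "offline_access"],
              granted_at=now - timedelta(days=300), last_used_at=now - timedelta(days=200),
              consent_type="user"),
    ]


if __name__ == "__main__":
    for f in audit(sample_grants(NOW), NOW):
        print(f"{f.app_name}: risk {f.risk}; " + "; ".join(f.reasons))
```

The weights are deliberately simple and additive so that each reason in the output maps to one thing a reviewer can verify by hand; tune the scope list and the stale-day window to your tenant, and feed the function with whatever export of consent grants your provider offers.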