{"id":21000,"date":"2022-02-18T09:43:41","date_gmt":"2022-02-18T09:43:41","guid":{"rendered":"https:\/\/easydmarc.com\/blog\/?p=21000"},"modified":"2026-03-13T13:23:16","modified_gmt":"2026-03-13T13:23:16","slug":"what-is-consent-phishing-and-how-to-prevent-such-attacks","status":"publish","type":"post","link":"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/","title":{"rendered":"What Is Consent Phishing and How to Prevent Such Attacks?"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">If you\u2019ve ever been interested in cybersecurity, you\u2019ve probably heard of <\/span><b>consent phishing<\/b><span style=\"font-weight: 400;\">. Well, the term itself hints at its exact essence. This specific kind of cyberattack requires consent of sorts from the victim. It <\/span><a href=\"https:\/\/www.cyware.com\/news\/current-state-of-consent-phishing-emails-ea5c8a5f\"><span style=\"font-weight: 400;\">has recently grown<\/span><\/a><span style=\"font-weight: 400;\"> across the globe sending an invisible message to countless businesses: Revise your user policies and digital asset management.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This article dives into <\/span><b>what consent phishing<\/b><span style=\"font-weight: 400;\"> is so that both organizations and individuals can better protect their data from this targeted attack.\u00a0<\/span><\/p>\n<h2><b>What is Consent Phishing?<\/b><\/h2>\n<p><b>Consent phishing <\/b><span style=\"font-weight: 400;\">is an application-based attack that misleads the victim with a legitimately registered application to get access to their sensitive data. This attack type, however, differs from credential phishing, as it doesn\u2019t redirect the user to a fake app.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">While it can be implemented in various ways, the most common one is via email. So how does <\/span><b>consent phishing<\/b><span style=\"font-weight: 400;\"> happen? The attacker sends a seemingly reliable message to their target\u2019s email. Once the target clicks on the link, an application is installed on their computer. From there, the attacker harvests information about the victim.<\/span><\/p>\n<h3><b>Consent Phishing Example<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">There have been many vivid cases of <\/span><b>consent phishing attacks<\/b><span style=\"font-weight: 400;\"> among prominent organizations that later turned into a warning signal for others.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">One of the most famous examples is the <\/span><span style=\"font-weight: 400;\">security breach<\/span><span style=\"font-weight: 400;\"> SANS Institute disclosed in 2020. As they reported, some employees received an email named \u201cCopy of sans July Bonus 24JUL2020.xls\u201d.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It included a \u201cBonus\u201d document in the Enabler4Excel 365 format and employees felt excited to click on the \u201cOpen\u201d button. It was enough for one employee to click the link and inadvertently install a malicious Microsoft 365 add-on. This program created a forwarding rule for 513 emails to the anonymous attacker.<\/span><\/p>\n<h2><b>How Do Consent Phishing Attacks Work?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">To be trustworthy enough,<\/span><b> consent phishing attacks<\/b><span style=\"font-weight: 400;\"> seemingly come from <\/span><span style=\"font-weight: 400;\">legitimate providers. This makes it easier for attacker-controlled applications<\/span> <span style=\"font-weight: 400;\">to gain access to user data. The plan is usually meticulously orchestrated to achieve success. Below, we talk about the common steps <\/span><b>consent phishing attacks<\/b><span style=\"font-weight: 400;\"> follow.\u00a0<\/span><\/p>\n<h3><b>The Consent Phishing Method<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Each consent phishing attack is different, but the main steps remain as follows:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">An attacker registers an app with an OAuth 2.0 provider (eg. Azure Active Directory).<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">The app carries a reliable name and structure not to raise suspicion (eg. using a popular sphere-related name).<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">The attacker generates a link that is later sent to users to click on, granting the malicious app permissions to data.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Once the user accepts what the link offers, their sensitive data gets trapped.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">The access token is implemented with the authorization code sent to the app. It\u2019s also used to make API calls on behalf of the user.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Once the user accepts the message, their data becomes accessible to the attacker. This can include e<\/span><span style=\"font-weight: 400;\">mail, contacts, forwarding rules, files, notes, profile, etc.<\/span><\/p>\n<h3><b>Delivery Mechanisms<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Consent phishing may come via various digital channels. However, email is one of the more reliable sources, as the attacker needs to create the illusion of a legitimate company contacting the targets. A user may also come across a consent phishing attack in an app, software program, or sign-in forms. In any case, if an app asks you to install another app, you should check if the request is in line with the program\u2019s privacy policies and your company guidelines.<\/span><\/p>\n<h3><b>Consent Phishing Tactics<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">As we mentioned above, consent phishing is usually planned and follows a set sequence of steps. Starting from malicious app creation to the efforts to appear genuine, this process can be daunting.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As a type of phishing, this attack shows strong social engineering traits. First of all, the hacker relies on the urgency component. Second, they hope a \u201cgreat offer\u201d will be enticing enough for the victim to click the link. Still, a characteristic of consent phishing is the \u201ctransfer of blame\u201d to the receiving party.<\/span><\/p>\n<h2><b>Why is Consent Phishing Efficient?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Consent phishing is efficient because it leverages a seemingly legitimate application, which the victim is eager to install. Another component making it highly effective is the implementation based on the victim\u2019s consent.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As a highly potent attack type paired with the rise of email marketing, consent phishing is gaining increasingly more traction in the cyberworld. This attack type is on the rise, but it hasn\u2019t reached its peak yet. We\u2019ve already <\/span><a href=\"https:\/\/easydmarc.com\/blog\/social-engineering-trends-in-cybersecurity\/\"><span style=\"font-weight: 400;\">predicted<\/span><\/a><span style=\"font-weight: 400;\">\u00a0the growth of consent phishing in 2022, as general phishing cases have no intention to slow down.<\/span><\/p>\n<h2><b>How to Prevent Consent Phishing Attacks<\/b><\/h2>\n<p><b>The dangers of consent phishing <\/b><span style=\"font-weight: 400;\">can threaten any organization. Therefore, every company must take relevant steps to avoid losing significant data. It\u2019s worth investing in cybersecurity as it\u2019s of utmost importance for a business. We\u2019ve also highlighted some practical tactics on <\/span><b>how to prevent consent phishing.<\/b><\/p>\n<h3><b>Educate Your Staff<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Your team members must be well aware of consent phishing to protect both themselves and the company they work for. Train your staff members to double-check the links, files, emails, and other content they receive and exclude suspicious features.<\/span><\/p>\n<h3><b>Only Allow User Access to a List of Approved Apps<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Enforce publisher-verified applications or create a separate list of apps you trust. If your company produces applications itself, it\u2019s better to use proprietary products.<\/span><\/p>\n<h3><b>Ensure Admins Know the Consent Evaluation Policies<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Sure, third-party apps are important for your business despite <\/span><b>the dangers of consent phishing<\/b><span style=\"font-weight: 400;\">. Hence, your administrators must understand the permissions and consent framework to help prevent malicious apps from entering your environment. We recommend a set policy for outside applications and how to handle installation offers.<\/span><\/p>\n<h3><b>Use Email Authentication Protocols<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">As we mentioned, email is a primary delivery mechanism for consent phishing. While training and policies are crucial, sometimes relying on the sound judgment of your employees isn\u2019t enough.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Like with any type of phishing, your best bet is to put enough filters in place to leave as little as you can to individuals.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It\u2019s true, SPF, DKIM, and DMARC won\u2019t help your infrastructure from incoming threats (we have an upcoming product that will solve that too!). However, we can and will protect your partners and clients from getting spoofed on your behalf. It\u2019s your reputation at stake, so <\/span><a href=\"https:\/\/app.easydmarc.com\/register\"><span style=\"font-weight: 400;\">sign up with EasyDMARC<\/span><\/a><span style=\"font-weight: 400;\"> to start your authentication journey.<\/span><\/p>\n<h2><b>Final Thoughts<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">As technology develops, it becomes easier to unlock anything digitalized. Therefore, the probability of cyberattacks gets bigger, and so does the need to keep your data secure.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Now that you\u2019ve learned\u00a0<\/span><b>what consent phishing is<\/b><span style=\"font-weight: 400;\"> and <\/span><b>how to prevent it<\/b><span style=\"font-weight: 400;\">, put our best practices into action.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Have you ever encountered a consent phishing case? <\/span><a href=\"https:\/\/www.linkedin.com\/company\/easydmarc\/mycompany\/\"><span style=\"font-weight: 400;\">Get in touch with us on LinkedIn<\/span><\/a><span style=\"font-weight: 400;\"> and let\u2019s start a helpful discussion!<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>If you\u2019ve ever been interested in cybersecurity, you\u2019ve &#8230;<\/p>\n","protected":false},"author":5,"featured_media":21001,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[204,290,199,293,289],"tags":[],"class_list":["post-21000","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-cyberattacks-cyberthreats","category-cybersecurity","category-phishing","category-social-engineering"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.4 (Yoast SEO v27.4) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>What Is Consent Phishing and How to Prevent Such Attacks? | EasyDMARC<\/title>\n<meta name=\"description\" content=\"Consent phishing is a permission-based attack that misleads the victim with a legitimately registered application. Learn more!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What Is Consent Phishing and How to Prevent Such Attacks?\" \/>\n<meta property=\"og:description\" content=\"Consent phishing is a permission-based attack that misleads the victim with a legitimately registered application. Learn more!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"EasyDMARC\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/EasyDMARC\/\" \/>\n<meta property=\"article:published_time\" content=\"2022-02-18T09:43:41+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-13T13:23:16+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/02\/What-Is-Consent-Phishing-and-How-to-Prevent-Such-Attack_.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1440\" \/>\n\t<meta property=\"og:image:height\" content=\"910\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Hasmik Khachunts\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@easydmarc\" \/>\n<meta name=\"twitter:site\" content=\"@easydmarc\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Hasmik Khachunts\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-consent-phishing-and-how-to-prevent-such-attacks\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-consent-phishing-and-how-to-prevent-such-attacks\\\/\"},\"author\":{\"name\":\"Hasmik Khachunts\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#\\\/schema\\\/person\\\/1ee4f162a98bccc5ff8b6fefdfaf245c\"},\"headline\":\"What Is Consent Phishing and How to Prevent Such Attacks?\",\"datePublished\":\"2022-02-18T09:43:41+00:00\",\"dateModified\":\"2026-03-13T13:23:16+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-consent-phishing-and-how-to-prevent-such-attacks\\\/\"},\"wordCount\":1121,\"publisher\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-consent-phishing-and-how-to-prevent-such-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/02\\\/What-Is-Consent-Phishing-and-How-to-Prevent-Such-Attack_.jpg\",\"articleSection\":[\"Blog\",\"Cyberattacks and Cyberthreats\",\"Cybersecurity\",\"Phishing\",\"Social Engineering\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-consent-phishing-and-how-to-prevent-such-attacks\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-consent-phishing-and-how-to-prevent-such-attacks\\\/\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-consent-phishing-and-how-to-prevent-such-attacks\\\/\",\"name\":\"What Is Consent Phishing and How to Prevent Such Attacks? | EasyDMARC\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-consent-phishing-and-how-to-prevent-such-attacks\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-consent-phishing-and-how-to-prevent-such-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/02\\\/What-Is-Consent-Phishing-and-How-to-Prevent-Such-Attack_.jpg\",\"datePublished\":\"2022-02-18T09:43:41+00:00\",\"dateModified\":\"2026-03-13T13:23:16+00:00\",\"description\":\"Consent phishing is a permission-based attack that misleads the victim with a legitimately registered application. Learn more!\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-consent-phishing-and-how-to-prevent-such-attacks\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-consent-phishing-and-how-to-prevent-such-attacks\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-consent-phishing-and-how-to-prevent-such-attacks\\\/#primaryimage\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/02\\\/What-Is-Consent-Phishing-and-How-to-Prevent-Such-Attack_.jpg\",\"contentUrl\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/02\\\/What-Is-Consent-Phishing-and-How-to-Prevent-Such-Attack_.jpg\",\"width\":1440,\"height\":910,\"caption\":\"What Is Consent Phishing and How to Prevent Such Attack\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-consent-phishing-and-how-to-prevent-such-attacks\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Blog\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Cybersecurity\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/cybersecurity\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Cyberattacks and Cyberthreats\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/cybersecurity\\\/cyberattacks-cyberthreats\\\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"Social Engineering\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/cybersecurity\\\/cyberattacks-cyberthreats\\\/social-engineering\\\/\"},{\"@type\":\"ListItem\",\"position\":6,\"name\":\"Phishing\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/cybersecurity\\\/cyberattacks-cyberthreats\\\/social-engineering\\\/phishing\\\/\"},{\"@type\":\"ListItem\",\"position\":7,\"name\":\"What Is Consent Phishing and How to Prevent Such Attacks?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/\",\"name\":\"EasyDMARC\",\"description\":\"Blog\",\"publisher\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/#organization\",\"name\":\"EasyDMARC\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/img\\\/logo.png\"},\"image\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/EasyDMARC\\\/\",\"https:\\\/\\\/x.com\\\/easydmarc\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/easydmarc\\\/mycompany\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#\\\/schema\\\/person\\\/1ee4f162a98bccc5ff8b6fefdfaf245c\",\"name\":\"Hasmik Khachunts\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/556e30ecef3fde7f1400ab37fa210642b14cd1a6cf57ae3d669996eb5324fc9e?s=96&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/556e30ecef3fde7f1400ab37fa210642b14cd1a6cf57ae3d669996eb5324fc9e?s=96&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/556e30ecef3fde7f1400ab37fa210642b14cd1a6cf57ae3d669996eb5324fc9e?s=96&r=g\",\"caption\":\"Hasmik Khachunts\"},\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/author\\\/hasmik\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"What Is Consent Phishing and How to Prevent Such Attacks? | EasyDMARC","description":"Consent phishing is a permission-based attack that misleads the victim with a legitimately registered application. Learn more!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/","og_locale":"en_US","og_type":"article","og_title":"What Is Consent Phishing and How to Prevent Such Attacks?","og_description":"Consent phishing is a permission-based attack that misleads the victim with a legitimately registered application. Learn more!","og_url":"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/","og_site_name":"EasyDMARC","article_publisher":"https:\/\/www.facebook.com\/EasyDMARC\/","article_published_time":"2022-02-18T09:43:41+00:00","article_modified_time":"2026-03-13T13:23:16+00:00","og_image":[{"width":1440,"height":910,"url":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/02\/What-Is-Consent-Phishing-and-How-to-Prevent-Such-Attack_.jpg","type":"image\/jpeg"}],"author":"Hasmik Khachunts","twitter_card":"summary_large_image","twitter_creator":"@easydmarc","twitter_site":"@easydmarc","twitter_misc":{"Written by":"Hasmik Khachunts","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/#article","isPartOf":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/"},"author":{"name":"Hasmik Khachunts","@id":"https:\/\/easydmarc.com\/blog\/#\/schema\/person\/1ee4f162a98bccc5ff8b6fefdfaf245c"},"headline":"What Is Consent Phishing and How to Prevent Such Attacks?","datePublished":"2022-02-18T09:43:41+00:00","dateModified":"2026-03-13T13:23:16+00:00","mainEntityOfPage":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/"},"wordCount":1121,"publisher":{"@id":"https:\/\/easydmarc.com\/blog\/#organization"},"image":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/02\/What-Is-Consent-Phishing-and-How-to-Prevent-Such-Attack_.jpg","articleSection":["Blog","Cyberattacks and Cyberthreats","Cybersecurity","Phishing","Social Engineering"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/","url":"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/","name":"What Is Consent Phishing and How to Prevent Such Attacks? | EasyDMARC","isPartOf":{"@id":"https:\/\/easydmarc.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/#primaryimage"},"image":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/02\/What-Is-Consent-Phishing-and-How-to-Prevent-Such-Attack_.jpg","datePublished":"2022-02-18T09:43:41+00:00","dateModified":"2026-03-13T13:23:16+00:00","description":"Consent phishing is a permission-based attack that misleads the victim with a legitimately registered application. Learn more!","breadcrumb":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/#primaryimage","url":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/02\/What-Is-Consent-Phishing-and-How-to-Prevent-Such-Attack_.jpg","contentUrl":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/02\/What-Is-Consent-Phishing-and-How-to-Prevent-Such-Attack_.jpg","width":1440,"height":910,"caption":"What Is Consent Phishing and How to Prevent Such Attack"},{"@type":"BreadcrumbList","@id":"https:\/\/easydmarc.com\/blog\/what-is-consent-phishing-and-how-to-prevent-such-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/easydmarc.com\/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/"},{"@type":"ListItem","position":3,"name":"Cybersecurity","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/cybersecurity\/"},{"@type":"ListItem","position":4,"name":"Cyberattacks and Cyberthreats","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/cybersecurity\/cyberattacks-cyberthreats\/"},{"@type":"ListItem","position":5,"name":"Social Engineering","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/cybersecurity\/cyberattacks-cyberthreats\/social-engineering\/"},{"@type":"ListItem","position":6,"name":"Phishing","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/cybersecurity\/cyberattacks-cyberthreats\/social-engineering\/phishing\/"},{"@type":"ListItem","position":7,"name":"What Is Consent Phishing and How to Prevent Such Attacks?"}]},{"@type":"WebSite","@id":"https:\/\/easydmarc.com\/blog\/#website","url":"https:\/\/easydmarc.com\/blog\/","name":"EasyDMARC","description":"Blog","publisher":{"@id":"https:\/\/easydmarc.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/easydmarc.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/easydmarc.com\/#organization","name":"EasyDMARC","url":"https:\/\/easydmarc.com\/","logo":{"@type":"ImageObject","url":"https:\/\/easydmarc.com\/img\/logo.png"},"image":{"@id":"https:\/\/easydmarc.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/EasyDMARC\/","https:\/\/x.com\/easydmarc","https:\/\/www.linkedin.com\/company\/easydmarc\/mycompany\/"]},{"@type":"Person","@id":"https:\/\/easydmarc.com\/blog\/#\/schema\/person\/1ee4f162a98bccc5ff8b6fefdfaf245c","name":"Hasmik Khachunts","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/556e30ecef3fde7f1400ab37fa210642b14cd1a6cf57ae3d669996eb5324fc9e?s=96&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/556e30ecef3fde7f1400ab37fa210642b14cd1a6cf57ae3d669996eb5324fc9e?s=96&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/556e30ecef3fde7f1400ab37fa210642b14cd1a6cf57ae3d669996eb5324fc9e?s=96&r=g","caption":"Hasmik Khachunts"},"url":"https:\/\/easydmarc.com\/blog\/author\/hasmik\/"}]}},"jetpack_featured_media_url":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/02\/What-Is-Consent-Phishing-and-How-to-Prevent-Such-Attack_.jpg","_links":{"self":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/posts\/21000","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/comments?post=21000"}],"version-history":[{"count":2,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/posts\/21000\/revisions"}],"predecessor-version":[{"id":59713,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/posts\/21000\/revisions\/59713"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/media\/21001"}],"wp:attachment":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/media?parent=21000"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/categories?post=21000"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/tags?post=21000"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}