Microsoft has warned of an increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers during recent months, BleepingComputer has learned. These attacks were part of two campaigns that ran between September and December 2020, targeting victims in multiple recurring waves.