ConsentFix + ClickFix: M365 grants that outlive a password reset
BleepingComputer covered two M365 hijack patterns and Opera's Paste Protect defense this week. The clipboard lane can be closed. The OAuth grant substrate underneath is unchanged.
BleepingComputer ran two pieces this week on the same substrate from opposite sides: ConsentFix and ClickFix as delivery patterns that end in a Microsoft 365 account takeover, and Opera’s new Paste Protect feature, shipped July 2, that blocks the clipboard step of the ClickFix chain. The pair is worth reading together. One is a delivery-side fix. The thing under it — the OAuth 2.0 authorization-code grant that yields the token — is the same layer of plumbing Microsoft, Google, and everyone else has been shipping since the mid-2010s.
The mechanics, plainly
ClickFix and ConsentFix are user-facing lures, not exploits. Neither one touches a CVE. Neither one bypasses MFA in the sense of defeating a cryptographic factor. Both work because the OAuth consent grant is a legitimate authenticated action taken by the user, at the end of a real Microsoft login flow, on the real login.microsoftonline.com origin. From the identity provider’s perspective, the user showed up, authenticated, satisfied MFA, and clicked Accept on a permissions page. There is nothing to detect in the auth flow itself because nothing anomalous happened in it.
The two variants BleepingComputer covers differ in what the lure asks the user to do:
- ClickFix puts a fake error dialog or CAPTCHA in front of the user and asks them to paste a command into a run box, a terminal, or a browser address bar. The command in the clipboard is not what the on-screen text says it is. This is where the “3 seconds” headline lives — it’s a clipboard swap plus a paste.
- ConsentFix ends at an OAuth consent screen instead of a shell. The user is walked through what looks like a routine third-party app authorization for a document viewer, a “security check,” a meeting-notes bot — anything that plausibly asks for Mail.Read and offline_access. The grant is real. The token that comes back to the attacker is real.
For the specific fake-prompt and OAuth chaining detail, BleepingComputer’s writeup is the primary reference; we’re not going to reproduce the step-by-step, and there is nothing in the mechanics that isn’t already the well-documented shape of consent-grant phishing that Microsoft has been writing detection guidance for since 2020.
What the grant is, and why it survives
The consent screen sits inside an OAuth 2.0 authorization-code flow. The Accept click sends an authorization code to the redirect URI the attacker registered for their app; the attacker's app exchanges it at the token endpoint for an access token and, because offline_access was among the requested scopes, a refresh token. The access token is short-lived; the refresh token is not. It can be exchanged for new access tokens as needed, from any IP, until:
- The tenant admin revokes the third-party app’s grant.
- The user’s Azure AD account is disabled or has its refresh tokens explicitly revoked.
- A Conditional Access policy that catches the app’s behavior kicks in.
None of those are triggered by the user changing their password. None are triggered by the user re-enrolling their MFA factor. Microsoft's own refresh-token revocation table says as much for the case that matters here: a password change revokes only password-based tokens issued to the user's own clients, while tokens held by a confidential client (a registered app with its own secret, which is what a consent-phishing app is) stay alive. That is the specific technical fact that makes consent phishing a durable compromise rather than a transient session hijack: you can rotate the credential and lose nothing that matters to the attacker. The refresh token remains valid until the grant itself is revoked.
That is also why the Opera fix, though good and worth deploying, is delivery-lane work. It cuts the ClickFix clipboard vector for users on Opera. It does not touch the ConsentFix path, which never asks the user to paste anything.
Opera Paste Protect
Opera announced Paste Protect on July 2. Per BleepingComputer, it inspects the clipboard content the user is about to paste and warns, before the paste goes through, when that content looks like a command line handed over by a social-engineering flow rather than the text the page showed. It is the same class of block Chrome’s Enhanced Safe Browsing and Firefox’s clipboard-restriction work has been reaching for. It is a real defense; it is a delivery-lane defense; it is one browser.
Consumer browser features are worth pushing internally where you can, but do not let a “we deployed Opera Paste Protect” line in a status report substitute for the tenant-side controls that stop the ConsentFix branch. Those live in Azure AD.
What to actually do
Tenant admin, this week:
- Turn on the admin consent workflow. In Azure AD → Enterprise applications → Consent and permissions → User consent settings, set user consent to Do not allow user consent (or to Allow user consent for apps from verified publishers, for selected permissions, the low-risk middle ground), then under Admin consent settings set Users can request admin consent to apps they are unable to consent to to Yes and name reviewers. This is the single largest change against ConsentFix: if a user cannot grant consent to a random third-party app, the ConsentFix chain terminates at the consent screen instead of the token endpoint, and the request lands with an admin who can look at the publisher and the requested scopes before anyone clicks Accept.
- Audit already-granted third-party apps. Enterprise applications → All applications → filter by application type “Enterprise Applications,” then walk the list of unverified-publisher and recently-consented apps. Revoke anything that does not have a business justification. This is a one-time sweep, not an ongoing burden, and it clears out grants that predate the workflow change above.
- Wire a Conditional Access policy that requires a compliant or hybrid-joined device for mailbox access, targeting Office 365 (Exchange Online). Conditional Access is evaluated every time a refresh token is redeemed for a new access token, not only at the original sign-in, so a refresh token sitting on an attacker's server fails the device check at its next refresh. Refresh tokens are the persistence mechanism; bounding where they can be redeemed is the most direct available lever. Caveat: legitimate server-side SaaS integrations holding delegated grants cannot present a device claim either, so inventory them first and expect to exclude them explicitly.
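The grant sweep above, as an added example (mine, not from the BleepingComputer pieces or from Microsoft): an offline pass over grants and service principals in the shape Microsoft Graph returns them, joining each app's grants to its publisher-verification status and owning tenant so that unverified third-party apps holding mailbox or offline_access scopes surface first. The records, tenant id and app names are constructed, and the risky-scope list is my choice; fetching the live objects and deleting the flagged grant ids is left to the reader.

```python
"""Offline sweep of delegated OAuth grants, as a worked example.

Constructed input: the dicts below mirror the Microsoft Graph
oauth2PermissionGrant and servicePrincipal resources (the shape that
GET /oauth2PermissionGrants and GET /servicePrincipals return). Nothing
here talks to a tenant.
"""
from collections import defaultdict

# Delegated scopes that turn a consent grant into mailbox or file access
# (the payload) or into a refresh token (offline_access, the persistence).
RISKY_SCOPES = frozenset({
    "Mail.Read", "Mail.ReadWrite", "Mail.Send",
    "Files.Read.All", "Files.ReadWrite.All", "offline_access",
})

HOME_TENANT = "11111111-1111-1111-1111-111111111111"  # constructed tenant id

# Constructed servicePrincipal records (subset of Graph's fields).
# appOwnerOrganizationId is the tenant that registered the app; anything
# other than our own tenant is a third-party app.
SERVICE_PRINCIPALS = [
    {"id": "sp-1", "appId": "app-1", "displayName": "Contoso Meeting Notes",
     "appOwnerOrganizationId": "22222222-2222-2222-2222-222222222222",
     "verifiedPublisher": {"verifiedPublisherId": None}},
    {"id": "sp-2", "appId": "app-2", "displayName": "Well-known CRM",
     "appOwnerOrganizationId": "33333333-3333-3333-3333-333333333333",
     "verifiedPublisher": {"verifiedPublisherId": "mpn-12345"}},
    {"id": "sp-3", "appId": "app-3", "displayName": "Internal HR portal",
     "appOwnerOrganizationId": HOME_TENANT,
     "verifiedPublisher": {"verifiedPublisherId": None}},
]

# Constructed oauth2PermissionGrant records. One app can hold several:
# per-user grants (consentType Principal) and a tenant-wide one
# (AllPrincipals), each with a space-separated scope string.
GRANTS = [
    {"id": "g1", "clientId": "sp-1", "consentType": "Principal",
     "principalId": "user-a", "resourceId": "graph",
     "scope": "User.Read Mail.Read offline_access"},
    {"id": "g2", "clientId": "sp-1", "consentType": "Principal",
     "principalId": "user-b", "resourceId": "graph",
     "scope": "User.Read Mail.ReadWrite"},
    {"id": "g3", "clientId": "sp-2", "consentType": "AllPrincipals",
     "principalId": None, "resourceId": "graph",
     "scope": "User.Read offline_access"},
    {"id": "g4", "clientId": "sp-3", "consentType": "Principal",
     "principalId": "user-c", "resourceId": "graph",
     "scope": "User.Read Mail.Read offline_access"},
]


def sweep(grants, service_principals, home_tenant, known_good=frozenset()):
    """Return third-party apps holding risky delegated grants, worst first.

    known_good: appIds of SaaS integrations with a business justification.
    Apps registered in the home tenant are skipped: they are our own
    registrations and have no publisher verification to check.
    """
    sps = {sp["id"]: sp for sp in service_principals}
    by_client = defaultdict(list)
    for g in grants:
        by_client[g["clientId"]].append(g)

    findings = []
    for client_id, client_grants in by_client.items():
        sp = sps.get(client_id, {})
        if sp.get("appOwnerOrganizationId") == home_tenant:
            continue
        if sp.get("appId") in known_good:
            continue
        scopes = set()
        for g in client_grants:
            scopes.update(g["scope"].split())
        risky = sorted(scopes & RISKY_SCOPES)
        if not risky:
            continue
        verified = bool((sp.get("verifiedPublisher") or {}).get("verifiedPublisherId"))
        findings.append({
            "clientId": client_id,
            "appId": sp.get("appId"),
            "displayName": sp.get("displayName", "<unknown service principal>"),
            # Unverified publisher plus mailbox/refresh scopes is the
            # ConsentFix shape; a verified third party still gets a review.
            "severity": "review" if verified else "high",
            "riskyScopes": risky,
            "users": sorted(g["principalId"] for g in client_grants if g["principalId"]),
            "tenantWide": any(g["consentType"] == "AllPrincipals" for g in client_grants),
            # Revoking means DELETE /oauth2PermissionGrants/{id} for each of these.
            "grantIds": [g["id"] for g in client_grants],
        })
    findings.sort(key=lambda f: (f["severity"] != "high", -len(f["riskyScopes"]), f["displayName"]))
    return findings


if __name__ == "__main__":
    for f in sweep(GRANTS, SERVICE_PRINCIPALS, HOME_TENANT):
        print(f["severity"], f["displayName"], f["riskyScopes"], f["users"] or "tenant-wide")
```

Run it and the unverified third-party app holding Mail.Read plus offline_access comes out on top, the verified CRM with a tenant-wide offline_access grant comes out as review, and the home-tenant app is skipped. Each finding carries the oauth2PermissionGrant ids; revoking is a delete of each of those (or removing the service principal outright for an app with no business use), after which the attacker's next refresh fails because the consent it was issued under no longer exists.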
Endpoint and helpdesk, this week:
- Push the Opera Paste Protect rollout note to any users who run Opera. If you standardize on Chrome or Edge, check whether the version you ship has an equivalent paste warning before you count on one; where it does not, the training item below carries the load. On managed Windows endpoints the paste-into-Run step can also be blunted by policy regardless of browser: the Explorer NoRun policy removes the Run box, and AppLocker or WDAC can keep standard users out of PowerShell and cmd. This closes or narrows the ClickFix delivery lane; it does not close ConsentFix.
- Retrain the fake-CAPTCHA muscle memory. Users who see “please paste this into a run box to verify you’re not a robot” will do it. The training that works is unambiguous: if a webpage asks you to paste anything into a terminal, Windows Run, or a browser address bar, close the tab.
Detection engineering, next two weeks:
- Alert on newly consented enterprise applications with Mail.Read, Mail.ReadWrite, Files.Read.All, or offline_access. The audit log records these as Consent to application events, with the granted scopes in the ConsentAction.Permissions property of the target service principal. Microsoft has a built-in Defender for Cloud Apps detection for risky OAuth apps; make sure it’s on and being reviewed.
- Alert on sign-ins from client (app) IDs the tenant has not seen before, filtered against a small allowlist of known SaaS integrations; the sign-in logs carry the client’s appId for interactive and non-interactive sign-ins alike. This is the signal that catches ConsentFix after the grant but before the attacker has walked the mailbox.
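Both detection bullets, as an added example that is not from the original post and not Microsoft's own hunting query: Python over constructed Entra audit records in the directoryAudit shape, pulling the granted scopes out of ConsentAction.Permissions, flagging self-consent to mailbox or offline_access scopes, and flagging client IDs outside a baseline of previously seen apps. The record layout is assumed from Microsoft's published consent-hunting queries (the Scope: field inside that property); the service-principal IDs, user names and timestamps are made up. The same baseline check applies unchanged to the appId in sign-in records.

```python
"""Offline detection over Entra "Consent to application" audit records.

Constructed input: the records follow the AuditLogs / Graph directoryAudit
shape (operationName, result, initiatedBy, targetResources[].modifiedProperties).
Granted scopes are read out of the ConsentAction.Permissions property by its
"Scope: ..." field, the way Microsoft's published consent-hunting queries do;
the exact layout of that string is an assumption and every record is made up.
"""
import json
import re

RISKY_SCOPES = frozenset({
    "Mail.Read", "Mail.ReadWrite", "Mail.Send",
    "Files.Read.All", "Files.ReadWrite.All", "offline_access",
})
SCOPE_RE = re.compile(r"Scope:\s*([^,\]]+)")


def _consent_event(time, app, sp_id, upn, scope, admin=False, result="success"):
    """Build one constructed audit record; newValue strings are JSON-encoded
    as Graph returns them."""
    perms = (f"[] => [[Id: grant-{sp_id}, ClientId: {sp_id}, ResourceId: graph, "
             f"ConsentType: Principal, Scope: {scope}, CreatedDateTime: {time}]]")
    return {
        "activityDateTime": time, "operationName": "Consent to application",
        "result": result,
        "initiatedBy": {"user": {"userPrincipalName": upn}},
        "targetResources": [{
            "type": "ServicePrincipal", "id": sp_id, "displayName": app,
            "modifiedProperties": [
                {"displayName": "ConsentContext.IsAdminConsent",
                 "newValue": json.dumps("True" if admin else "False")},
                {"displayName": "ConsentAction.Permissions",
                 "newValue": json.dumps(perms)},
            ]}]}


# Constructed sample: one ConsentFix-shaped grant, one admin grant to a
# known integration, one benign new app, one failed consent attempt.
EVENTS = [
    _consent_event("2025-07-03T09:12:44Z", "Contoso Meeting Notes", "sp-1",
                   "a.user@contoso.example", "User.Read Mail.Read offline_access"),
    _consent_event("2025-07-03T10:01:02Z", "Well-known CRM", "sp-2",
                   "admin@contoso.example", "User.Read offline_access", admin=True),
    _consent_event("2025-07-03T11:30:00Z", "Doc Viewer Pro", "sp-4",
                   "b.user@contoso.example", "User.Read"),
    _consent_event("2025-07-03T12:00:00Z", "Doc Viewer Pro", "sp-4",
                   "c.user@contoso.example", "User.Read Mail.ReadWrite offline_access",
                   result="failure"),
]


def _prop(target, name):
    """Decoded newValue of one modifiedProperties entry, or None."""
    for p in target.get("modifiedProperties", []):
        if p.get("displayName") == name:
            try:
                return json.loads(p.get("newValue"))
            except (TypeError, ValueError):
                return p.get("newValue")
    return None


def parse_consent_event(ev):
    """Normalise a successful consent record into who / which app / which scopes."""
    if ev.get("operationName") != "Consent to application" or ev.get("result") != "success":
        return None
    target = next((t for t in ev.get("targetResources", [])
                   if t.get("type") == "ServicePrincipal"), None)
    if target is None:
        return None
    scopes = set()
    for m in SCOPE_RE.finditer(_prop(target, "ConsentAction.Permissions") or ""):
        scopes.update(m.group(1).split())
    user = ev.get("initiatedBy", {}).get("user") or {}
    return {"time": ev.get("activityDateTime"), "app": target.get("displayName"),
            "clientId": target.get("id"), "user": user.get("userPrincipalName"),
            "scopes": scopes,
            "adminConsent": str(_prop(target, "ConsentContext.IsAdminConsent")).lower() == "true"}


def detect(events, allowlist, seen_clients):
    """Score consent events against the risky-scope list and a client-ID baseline.

    allowlist: service-principal IDs of justified SaaS integrations (never alerted).
    seen_clients: IDs the tenant has consented to before; anything else is 'new'.
    """
    seen = set(seen_clients)
    alerts = []
    for ev in events:
        c = parse_consent_event(ev)
        if c is None:
            continue
        new_client = c["clientId"] not in seen
        seen.add(c["clientId"])
        if c["clientId"] in allowlist:
            continue
        risky = sorted(c["scopes"] & RISKY_SCOPES)
        if risky and not c["adminConsent"]:
            severity = "high"    # user self-consent to mailbox/refresh scopes
        elif risky:
            severity = "medium"  # admin consented: review, not ConsentFix-shaped
        elif new_client:
            severity = "low"     # unknown app, benign scopes so far
        else:
            continue
        alerts.append({**c, "severity": severity, "riskyScopes": risky, "newClient": new_client})
    return alerts


if __name__ == "__main__":
    for a in detect(EVENTS, allowlist={"sp-2"}, seen_clients=set()):
        print(a["severity"], a["app"], a["user"], a["riskyScopes"], "new" if a["newClient"] else "")
```

The high-severity hit is the one to page on: a user, not an admin, consented to an app the tenant had never seen, and the grant carries a mailbox scope alongside offline_access. The failed consent is dropped on purpose; with the admin consent workflow turned on, a blocked user consent shows up as a pending admin request rather than a grant, and that queue is reviewed by a person, not by this check.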
The pattern
The OAuth consent grant is one of the pieces of identity plumbing that has been shipping largely unchanged since 2015 and works, and that is what makes it useful and also what makes it easy to build attacks against. The delivery lane changes — poisoned PDF viewer, fake Zoom plugin, “security check” bot, this week’s ClickFix and ConsentFix lures — and the substrate keeps letting a signed-in user click Accept on a permissions page.
Opera’s Paste Protect is the right kind of small fix at the delivery lane. The larger work is the tenant-side controls above, which are not new and which most tenants still have not turned on. Start with the admin consent workflow this week.
Sourcing
- BleepingComputer: ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds
- BleepingComputer: Opera rolls out Paste Protect feature to fight ClickFix attacks
- Microsoft Learn: Investigate risky OAuth apps
- Microsoft Learn: Configure the admin consent workflow