OnMicrosoft.com Office 365 Malicious and Spam Emails

Spammers, scammers, or cyber-criminals are abusing Microsoft Office 365 by sending spam and malicious email messages from it, which they will use to trick their potential victims into sending them their money, personal and financial information, or clicking on links that will take them to malicious websites that will infect their computers with viruses, Trojan horse or other malware. Microsoft Office 365, often referred to as Microsoft 365 or Office 365, is a web-based version of Microsoft Office Suite.

OnMicrosoft.com Office 365 Malicious and Spam Emails

How are Scammers Using Microsoft Office 365?

Spammers, scammers and cybercriminals are signing up for Office 365 accounts, creating email addresses and websites, and are using them to send spam and malicious email messages to their potential victims.

Here is an example:

The following fraudulent email message was sent to a potential victim; luckily she sent it to us to determine if it is legitimate:

Subject: Attn:This Is My Second Email, Please Respond
From: Ahmed Mohamed Ahmed01@lawoffice2013 .onmicrosoft.com

The cyber-criminals responsible for the fraudulent email created a website name or subdomain under “onmicrosoft.com” called “lawoffice2013”. The website or subdomain name looks like the following:”lawoffice2013.onmicrosoft.com

Then they created the email address “Ahmed01@ lawoffice2013.onmicrosoft.com” from the website or subdomain name. Once the email address has been created, they then send the spam and malicious email message above from it.

Cyber-crooks are using different website or subdomain names, so look out for suspicious email messages that are sent from email addresses ending with “onmicrosoft.com.” A lot of recipients of the spam and malicious email messages sent from Microsoft Office 365 or OnMicrosoft.com accounts created by scammers, cybercriminals or spammers, will think the email messages are legitimate because they are coming from “onmicrosoft.com,” which is owned and operated by Microsoft.

So, recipients of suspicious email messages that are sent from onmicrosoft.com or other email addresses, should never click on links in the suspicious emails to sign into their online accounts, should never send money or their personal information if they are asked to do so by suspicious emails, and should never respond to suspicious email messages.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Note: Some of the information in samples on this website may have been impersonated or spoofed.
Was this article helpful?  +
  • YesLike (1)
  •       
  • NoDislike (0)   
Share this with others:
Facebook
WhatsApp
Twitter
Reddit
Pinterest
Line Me
Save

DonateHelp maintain Online Threat Alerts (OTA) by clicking here.

Comments, Questions, Answers, or Reviews

Comments (Total: 96)

To protect your privacy, please remove sensitive information from your comments, questions, or reviews. We will use your IP address to display your approximate location to other users when you make a post. That location is not enough to find you.

Your post will be set as anonymous because you are not signed in. An anonymous post cannot be edited or deleted, therefore, review it carefully before posting. Sign-in.

The comments, reviews or answers below do not necessarily reflect the views of Online Threat Alerts (OTA).

  • March 10, 2021 at 11:21 PM by an anonymous user from: Los Angeles, Wilmington, California, United States

    I was asked to create an email address for Microsoft. Is this legitimate.

    • March 11, 2021 at 6:35 AM by info

      Please provide more information.

  • January 23, 2021 at 11:27 AM by an anonymous user from: Warwick, Queensland, Australia

    I have been having trouble with email on my live.com.au outlook account lately.

    Several emails had been undeliverable, message by post master,

    I said myself an email, it too was undeliverable and the following additional 'address?' seemed to be attached to my address - what is it please:

    lzhlorjL.MvLhFngs@MqZqD.onmicrosoft.com

  • June 28, 2020 at 2:14 AM by an anonymous user from: United States

    Here is another scam, please do not follow the instructions in it:

    "extinfirms@taklokhighs.onmicrosoft.com

    Intermediate witnesses (a work from home): We secretly assess the way Walmart staffs discharge their daily assigned duties. This is a way to measure workers performances and we pay four hundred dollars twice every week with flexible hour.

    If you intend to be a member; reply with your name/phone-number/physical contact address and zip-code. We shall send our free training manual to enable you commence work here.

    Ronald Garcias;

    Mintel International Group, Ltd."

  • June 26, 2020 at 10:28 PM by info

    "From: Netlfix <leoreplay1@ssserviceheelps.onmicrosoft.com>

    Date: 26 June 2020 at 1:54:26 PM GMT-5

    Subject: Your membership has been cancelled! [ID:45519]"

    Received this scam.

  • April 12, 2020 at 5:01 PM by an anonymous user from: Miami, Florida, United States

    Sending spam from:

    ALLISSON • brmrutnv@brmrutnv.onmicrosoft.com

  • November 2, 2019 at 4:55 PM by an anonymous user from: Wimberley, Texas, United States

    How do you delete onmicrosft attached to my email?

  • October 16, 2019 at 5:22 PM by an anonymous user from: Garland, Texas, United States

    THIS WAS SENT TO MY HUSBAND'S EMAIL AND HE DOESN'T EVEN HAVE A PAYPAL REGISTERED TO HIS EMAIL! BEWARE OF THIS! IT ALSO HAD A LINK TO CLICK ON TO VERIFY PAY INFO.

    DO NOT BE FOOLED!

    sent from my Samsung Galaxy smartphone.

    - Original message -

    From: PayPal <mail-paypal@accaresupports.onmicrosoft.com>

    Date: 10/16/19 12:56 PM (GMT-06:00)

    To: XXXXXX@yahoo.com

    Subject: Review Activity On Your PayPal

    PayPal Sign-in

    Dear PayPal coustomer,

    We noticed some unusual activities on your account. We need your help resolving this issue, and for your safety, we have temporarily limited what you can do with your account until you take action.

    What's going on?

    We noticed some unusual activities on your PayPal account on 16/10/2019 on 01:34 GMT near Dallas TX.

    What do I need to do?

    Signin your PayPal account and complete the steps required to re-secure your account.

  • June 19, 2019 at 4:08 PM by Ilumno from: Dallas, Texas, United States

    I've today discovered that my wife has the following as an email address:

    yubm.yubm@yubms.onmicrosoft.com. How do I know that this address has or is being used to scam us or others? What do we look for? How can we determine?

    Thanks

    • June 19, 2019 at 6:38 PM by info

      If your wife is not using it to scam others, that how you would know.

      OnMicrosoft allows everyone to created accounts, it is what they do with the accounts is the problem.

      You will have legitimate users creating OnMicrosoft accounts and using it to do their businesses. And, on the other hand, you will have cyber thieves creating accounts and using them to scam people, therefore, it recommended that you be cautious of suspicious emails from OnMicrosoft addresses.

  • December 28, 2018 at 6:37 AM by an anonymous user from: Belfast, Northern Ireland, United Kingdom

    hxxp://reward3455.ourtime95.live/

    I receive an email purportedly from Microsoft Edge requesting I complete a survey and would win a iPhone Xs. On completion of survey, I was asked to submit an order for $1 To get the phone.

    When I hit submit I got an email joining a dating site. Help!

  • November 13, 2018 at 6:02 PM by an anonymous user from: Bromsgrove, England, United Kingdom

    I have received the following email. Comments, please?

    "Hi‌ the‌re

    I am a‌ ha‌cke‌r who‌ bro‌ke‌ yo‌u‌r e‌ mai‌l a‌nd de‌vi‌ce a‌ few we‌e‌ks a‌go.

    You‌ type‌d i‌n yo‌ur pa‌ssco‌de‌ o‌n o‌ne‌ of the‌ si‌te‌s yo‌u‌ vi‌si‌ted, a‌nd I i‌nte‌rcepte‌d i‌t.

    He‌re‌ i‌s the‌ pa‌sswo‌rd from *@blueyonder.co.uk u‌po‌n mo‌me‌nt o‌f ha‌ck:

    No‌ do‌u‌bt yo‌u‌ ca‌n can change i‌t, or a‌lrea‌dy cha‌nge‌d it.

    Bu‌t thi‌s wi‌ll not ma‌tte‌r, my o‌wn ma‌li‌cio‌u‌s softwa‌re‌ u‌pdate‌d it e‌very ti‌me‌.

    Do‌ not ne‌ce‌ssa‌rily try to‌ ge‌t i‌n to‌u‌ch with me‌ o‌r e‌ve‌n fi‌nd me‌.

    Thro‌u‌gh your e-ma‌i‌l, I uplo‌a‌ded malici‌o‌u‌s co‌de‌ to‌ yo‌u‌r Ope‌ra‌tion Syste‌m.

    I sa‌ve‌d a‌ll of yo‌u‌r curre‌nt co‌nta‌cts toge‌ther with fri‌e‌nds, co‌-wo‌rke‌rs, fa‌mi‌ly me‌mbe‌rs plu‌s a‌ e‌nti‌re re‌co‌rd of visits to‌ the‌ Wo‌rld-wi‌de‌-web re‌so‌urces.

    Also I se‌t up a Vi‌ru‌s on yo‌u‌r syste‌m.

    You‌ a‌ren't my only pre‌y, I ge‌ne‌ra‌lly lock co‌mpute‌rs a‌nd a‌sk fo‌r a‌ ranso‌m.

    None‌thele‌ss I wa‌s struck by the‌ we‌b si‌te‌s of clo‌se‌ ma‌te‌ri‌al tha‌t yo‌u‌ fre‌qu‌e‌ntly check o‌ut.

    I a‌m i‌n su‌rpri‌se‌ of you‌r cu‌rre‌nt fa‌nta‌si‌e‌s! I have‌ ne‌ve‌r ever no‌ti‌ce‌d a‌nythi‌ng a‌t a‌ll li‌ke‌ thi‌s!

    Thu‌s, whe‌n yo‌u‌ ha‌d e‌njo‌yme‌nt o‌n pi‌qua‌nt we‌bsi‌te‌s (yo‌u‌ kno‌w wha‌t I a‌m ta‌lki‌ng a‌bo‌ut!) I cre‌a‌te‌d scre‌en sho‌t wi‌th u‌sing my pro‌gra‌m from yo‌u‌r ca‌me‌ra‌ o‌f yours de‌vi‌ce‌.

    The‌re a‌fter, I co‌mbi‌ne‌d the‌m to‌ the co‌nte‌nt of the‌ pa‌rticula‌r cu‌rre‌ntly vi‌e‌we‌d web si‌te.

    There will be‌ la‌u‌ghte‌r when I se‌nd these‌ pi‌ctu‌re‌s to‌ yo‌ur acquai‌nta‌nce‌s!

    BUT I beli‌eve‌ yo‌u‌ do‌ no‌t wa‌nt it.

    Thu‌s, I e‌xpe‌ct pa‌yme‌nt fro‌m yo‌u‌ i‌nte‌nde‌d fo‌r my qui‌e‌t.

    I co‌nside‌r $4498 is an su‌i‌ta‌ble‌ co‌st fo‌r thi‌s!

    Pa‌y with Bi‌tcoi‌n.

    My Bitco‌i‌n walle‌t: 1PJ3kGge3cM2ENoVyHtzFuoXA8g5rQp8Fu

    In ca‌se‌ yo‌u do‌ no‌t re‌a‌lly kno‌w ho‌w to‌ do‌ thi‌s - submi‌t i‌n to‌ Go‌o‌gle‌ 'how to‌ send mo‌ne‌y to‌ a bi‌tcoin wa‌lle‌t'. It i‌sn't diffi‌cult.

    Fo‌llo‌wing ge‌tti‌ng the‌ gi‌ve‌n a‌mo‌u‌nt, all you‌r i‌nfo‌rma‌ti‌o‌n wi‌ll be‌ stra‌i‌ght a‌wa‌y e‌limi‌na‌ted a‌uto‌ma‌ti‌cally. My compute‌r vi‌ru‌s will a‌lso cle‌a‌r a‌wa‌y i‌tse‌lf thro‌u‌gh yo‌u‌r os.

    My Co‌mpute‌r vi‌ru‌s ha‌ve‌ a‌u‌to a‌le‌rt, so‌ I kno‌w when thi‌s parti‌cular e‌-ma‌i‌l i‌s re‌a‌d.

    I gi‌ve you‌ two‌ days (Fo‌rty ei‌ght hrs) i‌n orde‌r to ma‌ke a‌ pa‌yme‌nt.

    If thi‌s do‌e‌s no‌t o‌ccu‌r - a‌ll yo‌u‌r contacts wi‌ll ge‌t ri‌diculo‌u‌s photo‌s fro‌m yo‌ur darke‌r secre‌t li‌fe‌ a‌nd yo‌u‌r devi‌ce‌ wi‌ll be‌ blo‌cke‌d a‌s we‌ll a‌fte‌r 48 ho‌urs.

    Do‌ no‌t e‌nd up be‌i‌ng stu‌pid!

    Co‌ps o‌r pa‌ls wo‌n't a‌ssi‌st yo‌u‌ fo‌r ce‌rta‌i‌n ...

    PS I ca‌n pro‌vide‌ yo‌u re‌co‌mme‌ndation fo‌r the fu‌ture‌. Neve‌r type‌ i‌n you‌r pa‌sswo‌rds o‌n u‌nsa‌fe‌ we‌b pa‌ges."

    • November 13, 2018 at 7:12 PM by info

      It is a scam, do not fall for it.

      • November 14, 2018 at 2:58 AM by an anonymous user from: Bromsgrove, England, United Kingdom

        Thank you. I thought so but found it particularly unpleasant.

  • July 29, 2018 at 11:33 AM by info

    Here is another scam:

    -Original Message-

    From: melissab@oregonwestmanagement.onmicrosoft.com

    Sent: 26 July 2018 12:20 PM

    Subject: Summon

    RE: Notice of Intent to Sue

    Account Number 638887ZA11

    Good Day

    This letter serves as the formal notice of an intent to file a lawsuit against your company in court, due to your not paying an owed invoice as previously requested.

    A hearing date has been confirmed for On July 26 2018, and if you wish to resolve this matter without court action, our client will expect refund within thirty (30) days of this notice. The Court summons letter is in the below Microsoft document transfer link, kindly verify your receiving email client on the attached to redirect and download summons. View the attached

    document for more details.

    Regards

    Magistrate Court

    Justice Firm Debt Collection Agent

  • January 18, 2018 at 11:24 AM by an anonymous user from: St Peters, Missouri, United States

    why doesn't Microsoft allow *.onmicrosoft.com or _.onmicrosoft.com be a legitimate domain that we can block?

  • January 6, 2018 at 2:10 AM by info

    Received via email:

    "Please help me and tell me how to get rid of these spam emails from my Mozilla Email account. I am being bombarded with various mail from all these sources ending in .onmycrosoft .com. Here are some of them.

    Fox@brandy,onmicrosoft.com

    marianakur@marianakur.onmicrosoft.com

    carmela.smoot@smootsarl.onmicrosoft.com

    Devin@DevinHiggins.onmicrosoft.com

    Saulalinsky@manyasarl.onmycrosoft.com

    They all are using my Email as the SENDER"

  • December 29, 2017 at 9:49 AM by an anonymous user from: Baltimore, Maryland, United States

    Receiving multiple spam emails. Kindly provide the specific wording for creating a rule to block "onmicrosoft.com" emails. Using "onmicrosoft.com in the recipients address" did not work. Thanks so much!

    • December 29, 2017 at 11:56 PM by an anonymous user from: St Petersburg, Florida, United States

      Receiving multiple spam emails. Kindly provide the specific wording for creating a rule to block "onmicrosoft.com" emails. Using "onmicrosoft.com in the recipients address" did not work. Thanks so muc

      From Received Size

      tayaz@TatianaGibbs.onmicrosoft.com Tue 7:16 AM 23 KB

      From Received Size

      Your SC0RE Check! _5inH Tue 9:45 AM 22 KB

      From Received Size

      End-Of-Obesity. Tue 11:19 AM 23 KB

      From Received Size

      Lowermybills.com Tue 1:39 PM 24 KB

      From Received Size

      AIG..Direct..Insurance Tue 1:48 PM 27 KB

  • December 19, 2017 at 11:13 AM by an anonymous user from: Kansas City, Kansas, United States

    I get onmicrosoft emails all the time, sometimes several per day (I got 3 today). I block each one from my Outlook and my network server. Unfortunately, this doesn't stop more from showing up, because each email is from a different individual. Does anyone know how they got my info and keep passing it around? Also, do you want me to forward each one I get to you? It would definitely clog up your server!

  • October 19, 2017 at 10:56 AM by an anonymous user from: Toronto, Ontario, Canada

    I received a survey email solicitation from purportedly "info@conservative.ca" which in fact was "unjunkeopdirect@outlooksen.onmicrosoft.com". I did not open the survey attachment.

    RS

  • September 14, 2017 at 12:36 PM by an anonymous user from: Newark, New Jersey, United States

    Here is another scam, please do not follow the instructions in it:

    - start of scam -

    "From VIP@gnetworks.onmicrosoft.com

    THANK YOU FOR BEING A VALUED DIRECTV CUSTOMER

    America’s #1 Satellite TV Service!

    Thank you for being a valued DIRECTV Customer and I am confident that you will find your DIRECTV experience to be exceptional. As the Executive Vice President of Goodman Networks, your authorized Installation and Service Provider for DIRECTV, my goal is to ensure you receive the highest quality installation, education and customer service in the industry. Your Service, 1-2P9OCUJC, was completed out of our Tyler office.

    If for any reason you do not feel our technician met your needs with the service they performed, we want to address and resolve them as soon as possible. In an effort to assist you, please send an email to our Executive Office using the email address below and provide the following information so we can respond to you without delay.

    ~ Billing Phone Number, DIRECTV Account Number, and your preferred contact information ~

    For billing questions please contact DIRECTV at 1-800-531-5000

    Goodman Networks Contact Information

    Email: VIP@goodmannetworks.com

    Mail: 2801 Network Blvd., Suite 300 Frisco, TX 75034

    Thank you again for choosing Goodman Networks and DIRECTV. We recognize that you have a

    choice in television service providers and we appreciate your business.

    Sincerely,

    Chris Grant, Executive Vice President

    Goodman Networks"

    - end of scam -

  • August 21, 2017 at 4:44 PM by an anonymous user from: Los Angeles, California, United States

    Hi,

    I got email like this, and it said send via caffelli.onmicrosoft.com.

    Is this a spam?

    Please help me to figure out.

    "Intel Optane Treasure Hunt Contest

    Winning Mail

    Pen Corbin <pen@caffelli.com>

    Congratulations! You’ve been selected as a Grand Prize winner in the Intel® Optane Treasure Hunt Contest! Below are the prize fulfillment process and steps required from you to confirm your eligibility and claim your prize.

    My name is Pen and I work for Caffelli, an Advertising Agency based in Portland, Oregon—we organized and managed the contest in conjunction with Intel. I’ll be walking you through the process to claim your prize, please follow the steps outlined below within 5 business days. Please note, if we don’t hear back from you in that time frame, we’ll move to an alternate winner.

    US Residents – Everything below can be sent via email. No hard copies are required:

    Confirm that you are 18 and a United States resident

    Fill out the attached W9

    Fill out the attached affidavit of eligibility

    Provide a scanned copy of your driver’s license or government issued ID

    –OR–

    Canadian Residents – Everything below can be sent via email. No hard copies are required:

    Confirm you are at least the age of majority in your province and a Canadian resident

    Fill out the attached W8-BEN

    Fill out the attached affidavit of eligibility

    Provide a scanned copy of your driver’s license or government issued ID

    Confirm your province. (Residents of Quebec are not eligible as outlined in the contest Terms & Conditions)

    Congratulations again on your win!

    Pen Corbin

    Event and Branded Merchandise Coordinator

    P 503.914.6010

    M 503.501.1767

    F 503.419.4666

    www.caffelli.com"

    • August 21, 2017 at 6:52 PM by info

      It is a scam, just delete it.

      • August 21, 2017 at 7:43 PM by an anonymous user from: Los Angeles, California, United States

        Thank you for your advice!

  • May 15, 2017 at 8:53 AM by an anonymous user from: San Jose, California, United States

    I received this email from Apple today. In which I know is NOT Apple... Then I found your article. I thought since this is 2017 and still circulating, it wouldn't be a bad idea to post it... diglaw@naturetot.onmicrosoft.com

  • April 5, 2017 at 2:41 PM by an anonymous user from: El Centro, California, United States

    So, if we do "...look out for suspicious email messages that are sent from email addresses ending with "onmicrosoft.com, " how can we get our ISPs to block spammers whose domains ends as "onmicrosoft.com?

    My ISP only lets me block either the full domain alone, or the senders full address, but not "all" addresses that END in onmicrosoft.com

    Currently, I have over 50. I have to block individually.

    Here are two examples:

    adam21@fddqfsdfsfdsdf.onmicrosoft.com

    adam22@fairefaire.onmicrosoft.com

    Does anyone know how you can do this?

    Thank you.

    • April 5, 2017 at 3:01 PM by info

      If you are using Outlook, you may use Rules. For information about using Rules, search for: "Outlook Rule to move emails to folder from domain" using www.google.com.

  • January 27, 2017 at 6:06 AM by an anonymous user from: Oro-Medonte, Ontario, Canada

    Received email titled "Your Office 365 Business".

    Message says Total email held:14

    Date: 01-27-2017

    Tells me to continue to link below to view important contact messages

    Otherwise all 14 messages will be deleted.

    I assume a scam and trashed it.

    • January 27, 2017 at 6:33 AM by info

      It is a scam.

  • January 23, 2017 at 3:05 PM by an anonymous user from: El Centro, California, United States

    I have tried many times to block these unwanted emails. Has there been a solution?

  • January 22, 2017 at 1:42 PM by an anonymous user from: White Bear Township, Minnesota, United States

    How do I setup a filter to delete all emails from 365 or .onmicrosoft.com

    • January 22, 2017 at 4:12 PM by info

      Use Google to search for "how to create rule to delete email from a domain".

  • January 20, 2017 at 11:45 AM by info

    Receive via email:

    "Hi, I've been getting more and more emails that end in .onmicrosoft.com. Because the 1st parts of the email address are always different, I can't seem to block them. I use cox.net as my internet server & I've reached the 99 blocked email limit due to the different email addresses and I've used webmail to report these as spam, yet the number of emails seem to multiply daily. It would be a real hassle for me to change my email address and take most likely a day to change the email I do want to get at the various sites that use it to contact me. Is there an easier solution? Does microsoft actually care about this problem and will they be doing anything to prevent further spam-phishing? thank you Liona"

    • January 20, 2017 at 11:48 AM by info

      You may use Outlook or other email clients to create rules that can delete email messages that are coming from a particular domain.

      Go to www.google.com and search for the following:

      "outlook rule to delete emails from a domain"

  • January 15, 2017 at 3:52 AM by an anonymous user from: Fairfax, Virginia, United States

    I use Outlook for mail. You need to dig a bit to go beyond blocking just an individual sender. The menu "Junk" doesn't offer that option. Here are the steps: Junk -> Junk Email Options -> Blocked Senders -> @onmicrosoft.com

  • January 9, 2017 at 4:44 PM by an anonymous user from: Mesa, Arizona, United States

    OK, so I understand how these malicious emails (onmicrosoft.com) are created, but my question is HOW DO I STOP THEM?

    • January 9, 2017 at 4:56 PM by info

      You cannot stop them, but you can filter them as spam or junk, or create a Rule to automatically delete or send them to a specific folder.

      The problem is, once a malicious account at onmicrosoft.com is taken down, others are created right after. So, there is this continuous fight to stop the scammers.

  • December 28, 2016 at 12:14 PM by an anonymous user from: Irvine, California, United States

    About a week ago I started getting so many spam emails from onmicrosoft.com and they just keep coming.

    How do you stop this?

    • December 28, 2016 at 6:26 PM by info

      Flag them as spam or junk.

  • December 22, 2016 at 9:43 AM by an anonymous user from: Edmonton, Alberta, Canada

    Thank you for posting this.

  • December 10, 2016 at 11:47 AM by an anonymous user from: Seattle, Washington, United States

    Recieved 12/10/16:

    "Hi, there.

    My name is Jean Rafon, I'm from France.

    Last week I Bought an old book from street here in Paris and I found your email inside of it, i'm curious to know if this is a real person,

    and what relate you with this book!

    Looking forward to hearing from you! Thanks

    Jean (harry145225swangeropera74 @outlook.com)"

    • January 16, 2017 at 4:37 AM by an anonymous user from: London, England, United Kingdom

      I got that one too...is it dangerous?

      • January 16, 2017 at 5:22 AM by info

        Only if you follow the instructions in it or open a dangerous attachment that came with it.

  • December 10, 2016 at 7:00 AM by info

    Received via email:

    "Today I received an email from a person named Jean Rafon from France. Claims to have found my email in an old book. So I researched this name and found you. I will forward the letter. Am I in any danger of this person? Do you know any more about them? Thank you!"

  • December 8, 2016 at 10:46 PM by an anonymous user from: Littleton, Colorado, United States

    I've received the Jean Rafon email just this evening. What would the scam be?

    • December 9, 2016 at 7:25 AM by an anonymous user from: Charleston, West Virginia, United States

      I got that one, too!

      • December 9, 2016 at 2:59 PM by an anonymous user from: Chicago, Illinois, United States

        Me too! Just got it this afternoon.

  • December 3, 2016 at 8:13 AM by info

    Received via email:

    "I am receiving emails from this email address, ~CheaTlng.MlLfs~, and others with the onmicrosoft. How can I stop this?"

    • December 3, 2016 at 8:18 AM by info

      You can flag them as spam, so they are automatically sent to your spam/junk folder.

  • December 2, 2016 at 2:38 PM by an anonymous user from: Chicago, Illinois, United States

    From: Andree@Supporet.onmicrosoft.com. Received this email today:

    "Hi there

    My name is Jean Rafon, I'm from France.

    Last week I Bought an old book from street here in Paris and I found your email inside of it, i'm curious to know if this is a real person,

    and what relate you with this book!

    Looking forward to hearing from you! Thanks."

    I tried googling the spam to see if anyone else received this weird email and didn't find anything. So I wanted to post it somewhere so people are aware.

    • December 9, 2016 at 7:53 AM by an anonymous user from: Rockford, Tennessee, United States

      I received the same exact email this morning.

      • December 9, 2016 at 3:20 PM by an anonymous user from: Seattle, Washington, United States

        Same here! I figured it was a hoax but research seemed appropriate. Cheers.

    • December 9, 2016 at 1:37 AM by an anonymous user from: San Rafael, California, United States

      Just got the same e-mail today (December 8, 2016); it's oddly compelling for me because I've been in Paris this year, love books, and have both purchased and sold used books everywhere ... so, I thought for a moment that it might be legitimate, but then I thought, "wait a minute - I often write my name and phone number in books, but never my e-mail address!" and then searched here. So, thanks for posting!

      • December 9, 2016 at 7:02 PM by an anonymous user from: Salt Lake City, Utah, United States

        I also received this emaila and was also in Paris this past summer so it was very odd.

    • December 8, 2016 at 10:29 PM by an anonymous user from: Sacramento, California, United States

      I received the exact same email today.

    • December 8, 2016 at 7:52 PM by an anonymous user from: Carrollton, Texas, United States

      Just got the exact same email.

    • December 8, 2016 at 7:02 PM by an anonymous user from: Lexington, Kentucky, United States

      I received the same email today with the same wording.

    • December 8, 2016 at 6:47 PM by an anonymous user from: Washington, District of Columbia, United States

      I received the same message just with a different email:

      rafon Jean Sebrina_Piel_147abc @outlook.com

    • December 8, 2016 at 5:29 PM by an anonymous user from: Eagle Pass, Texas, United States

      Thanks! I received the same email today!

    • December 8, 2016 at 3:45 PM by an anonymous user from: Indianapolis, Indiana, United States

      I received the exact same email. It is spam.

    • December 8, 2016 at 3:41 PM by an anonymous user from: Atlanta, Georgia, United States

      I also received this email today, December 8, 2016.

    • December 8, 2016 at 2:33 PM by an anonymous user from: Harrisburg, Pennsylvania, United States

      I just got this email, I googled it as well to see what it was about and thankfully, I found this. I keep get spam in my inbox, I am so sick of it.

    • December 8, 2016 at 2:32 PM by an anonymous user from: Tampa, Florida, United States

      I just received the same exact email but from a different email address..it's a scam?

      • December 8, 2016 at 2:38 PM by info

        Yes, it is a scam. The scammers will change the email address.

    • December 8, 2016 at 1:40 PM by an anonymous user from: Shepherdsville, Kentucky, United States

      I have received this exact email twice now and was trying to google search as well and came across this page.

    • December 8, 2016 at 7:34 AM by an anonymous user from: St Paul, Minnesota, United States

      I received this same email today also. Also sick of of the spam, isn't really worth having a computer anymore.

    • December 8, 2016 at 5:11 AM by an anonymous user from: Sacramento, California, United States

      I got the same email now, twice in a week.

    • December 8, 2016 at 5:09 AM by an anonymous user from: Adelaide, South Australia, Australia

      I got one today too, exactly the same. So sick of all the spam I get constantly. I send things to my junk folder but they still get through.

    • December 8, 2016 at 4:28 AM by an anonymous user from: Point, Pennsylvania, United States

      I just went back into the email I had received from "Jean Rafon" and clicked on her name to bring up the email address that it came from and it is Marianne_147abcCrespo145225 @outlook.com. It was the same identical email that others had received but not from an onmicrosoft.com account.

    • December 8, 2016 at 4:24 AM by an anonymous user from: Point, Pennsylvania, United States

      Thanks for posting. I had received the same exact email yesterday, 12/7.

    • December 7, 2016 at 10:40 PM by an anonymous user from: Hartford, Connecticut, United States

      I just got this same email today and I searched the name. Thank you, now I know not to reply.

    • December 7, 2016 at 9:33 PM by an anonymous user from: Tacoma, Washington, United States

      I just got this same one in Washington.

    • December 7, 2016 at 9:18 PM by an anonymous user from: London, England, United Kingdom

      I got this email too, gonna play along with them and waste their time and try to screen shot all convoys then paste the whole dialogue here when they have given up lol. Be safe guys and girls :)

    • December 7, 2016 at 6:20 PM by an anonymous user from: Mission, Kansas, United States

      I received this one today, as well. I appreciate this post.

    • December 7, 2016 at 5:56 PM by an anonymous user from: Nashville, Tennessee, United States

      Thank you for the post. I got this exact same email twice today.

    • December 7, 2016 at 2:27 PM by an anonymous user from: Valencia West, Arizona, United States

      I received this same email today! Sounded too fishy to be true, then found this post.

    • December 6, 2016 at 2:39 PM by an anonymous user from: Sullivan, Missouri, United States

      I received the identical email 12/6/16. This is spam.

    • December 6, 2016 at 1:46 PM by an anonymous user from: Cupertino, California, United States

      Yep! just received this email as well and couldn't find anything online besides this comment. So thanks for posting :)

  • November 16, 2016 at 3:24 PM by an anonymous user from: Irvine, California, United States

    In the past 24 hours, I have gotten eight spam emails from various onmicrosoft.com addresses. Just thought you'd like to know.

    • December 8, 2016 at 1:00 PM by an anonymous user from: Portsmouth, England, United Kingdom

      HI - I just received an identical e-mail from Eugenie_147abcMelder145225 @outlook.com - If anyone has any information on what this is about, I would be interested to hear. It certainly smells like a scam.

    • December 2, 2016 at 1:29 PM by an anonymous user from: Coquitlam, British Columbia, Canada

      Email from address: info-user@supportinf.onmicrosoft.com, stating it is from Paypal.

      • December 2, 2016 at 2:14 PM by info

        Good observation.

        PayPal will never use an onmicrosoft.com account to send emails to their customers.

  • November 7, 2016 at 2:47 PM by an anonymous user from: Norwalk, Connecticut, United States

    In the last two and a half days, I've gotten 19 spam messages from a <domain name>@onmicrosoft.com. Somehow my email address has been distributed to the bad guys, and I'm being flooded.

    • November 11, 2016 at 11:14 AM by an anonymous user from: Alexandria, Virginia, United States

      Same here, I don't know what to do!

      • November 11, 2016 at 5:49 PM by an anonymous user from: Milan, Lombardy, Italy

        Same here! Omg the spam filter doesn't even work.

        • November 13, 2016 at 11:57 AM by an anonymous user from: Kalamazoo, Michigan, United States

          Me too! I keep blocking every address but totally not sure it's worth the effort as there have been 65 different addresses but all from onmicrosoft.com. Does anyone know how to make it stop?

  • August 23, 2016 at 11:52 AM by an anonymous user from: Henderson, Nevada, United States

    I have receiving emails from address below asking me to complete a W8 form and then a W9 form:

    John Lee <jlee@abcimaging.Com> via abcimaging.Onmicrosoft.Com

  • July 12, 2016 at 4:15 AM by an anonymous user from: Dunedin, Otago, New Zealand

    These scammers think I'm stupid. It didn't look like what Apple have. I have reported the fraudulent email below:

    - start of message -

    "Date: 12 July 2016 at 8:15:43 PM NZST

    To: "support@costumer service" <costumer-service@LoginesIncID.onmicrosoft.com>

    Subject: Re: Your Apple ID has been used to buy '' black gold ''‏‏

    On 11/07/2016, at 7:38 AM, support@costumer service <costumer-service@LoginesIncID. onmicrosoft.com> wrote:

    Your Apple ID has been used to buy '' black gold '' by Diego from the iTunes Store on a computer or device that has not been previously associated with him.

    you can also receive this message if you have reset your password from your last purchase.

    this purchase was made in following countrie : Hong kong

    if you are the source of the downoald, you can ignore this email. He was sent as precaution to protect you from any unauthorized purchases.

    if you are not behind this purchase, we recommend you go here

    Best regards,

    Apple"

  • March 27, 2016 at 10:48 AM by an anonymous user from: Tucker, Georgia, United States

    I have been receiving phishing and fake FBI alerts spams from "specialinvestigators .onmicrosoft.com" accounts.

    I have complained to Microsoft dozens of times and I ever get back is canned responses such as the following:

    "Thank you for your report. Based on the message header information you have provided, this email appears to have originated from an Office 365 or Exchange Online tenant account.to report junk mail from Office 365 tenants, please send an email to junk@office365.microsoft.com and include the junk mail as an attachment.

    You can get more information about dealing with junk email from Office 365 and Exchange Online accounts here: https://technet.microsoft.com/ en-us/library/jj200769 (v=exchg.150).aspx"

    Sending the complaint to the junk@ email address does nothing as well. There may be a legal issue here as Microsoft has been given ample warning of crimes being committed on their equipment yet they fail to act to curb this wave of criminal activity.

  • March 6, 2016 at 6:34 PM by an anonymous user from: Apex, North Carolina, United States

    I am getting a warning that my mailbox is full and it is sending out a message to people that are trying to send me email. How can I fix this? I have enough storage in both my godaddy and gmail account. This is the who I am getting the message from: "Microsoft Exchange 329e71ec88ae4615bbc 36ab6ce41109e@NETORG139679 .onmicrosoft.com" and the error message: "The recipient's mailbox is full and can't accept messages now. Please try resending your message later, or contact the recipient directly."

    • March 6, 2016 at 6:43 PM by info

      The email message is a phishing scam sent by cybercriminals to trick you into stealing your email account's username and password. Please delete the fake email message.

      If you receive email message claiming that your mailbox is full, never click on the links within them.instead, sign into your account, and if there is a problem with your account, it will be displayed to you.

      • March 6, 2016 at 6:56 PM by an anonymous user from: Apex, North Carolina, United States

        How do I stop this from happening or how do I correct it? How do I keep from getting the email?

        • March 6, 2016 at 7:05 PM by info

          There is no way to stop spam or unsolicited emails. Just be careful of unexpected email messages that claim you are a lottery winner, that claim you won some promotional prize, or ask you to open an attachment.

  • January 9, 2016 at 8:46 AM by info

    Received from an anonymous user:

    "I recieved an email supposedly from Paypal saying i had sent $200 to some “ Rons Rising Stars “? in America. I checked my account and no money had been sent.On further inspection email was asking me to set up a “ paypal account “ so i wouldnt have to put details in every time i shopped online! Which is odd seeing how i was supposed to have already sent them $200 through my Paypal account .I looked at the address bar and noticed it said pplll@pplll.onmicrosoft.com’', so i looked it up and “ onmicrosoft.com “ apparently lets fraudsters set up a web domain that looks quiet real to get people to send money or click on infected links Beware!"

  • September 23, 2015 at 8:08 PM by an anonymous user from: Boston, Massachusetts, United States

    Any other Geek Squad customers getting phished emails for billing from ransom malware hackers? Able to shut down Best Buy ("webroot") software exposing machine to hijacking when customer calls to complain about service being terminated. Hacks have access to their billing info? online service sessions?

Comments Show More Comments (95)

Write Your Comment, Question, Answer, or Review

OnMicrosoft.com Office 365 Malicious and Spam Emails