The email message below with the subject: "Microsoft Services Agreement Improving the Privacy Statement for consumers," which claims the recipients need to update their accounts for a faster, safer and full-featured Microsoft Outlook experience and to avoid your account being de-activated, is a phishing scam sent by cybercriminals, and not by Microsoft. The fake email message was created by cybercriminals to frighten and trick the recipients into clicking on the link within it. The link goes to a phishing website or a fake website looking like Microsoft’s website, created by cybercriminals to trick potential victims into entering their Microsoft account usernames and passwords on it, by asking them to sign in. But, any attempts to sign into the fake website, will result in the victims’ Microsoft account usernames and passwords being sent to cybercriminals.
Once cybercriminals have gotten their potential victims’ account credentials (usernames and passwords), they will use it to hijack their Microsoft accounts and use them fraudulently. Therefore, recipients of the phishing email message (see below) who were tricked into clicking on the link within it and have attempted to sign into the phishing or fake website that they were taken, are asked to change their Microsoft account passwords immediately, before they are hijacked and used fraudulently by cybercriminals.
The "Microsoft Services Agreement Improving the Privacy Statement for Consumers" Phishing Scam
From: Outlook.com Team firstname.lastname@example.org
Date: January 9, 2017 at 12:21:53 AM EST
Subject: Microsoft Services Agreement Improving the Privacy Statement for consumers
We’re updating the Microsoft Services Agreement and the Microsoft Privacy Statement.
If you do not update your Microsoft account within 24 hours your account will be deactivated and deleted from our server. Take a minute to update your account for a faster, safer and full-featured Microsoft Outlook experience and to avoid your account being De-Activated.
Update Your Account
Thank you for using Microsoft services.
Redmond, WA 98069
Microsoft users should never click on a link to sign into their accounts, they should instead, go directly to https://account.microsoft.com/ and sign-in from there. If there is something that needs to be done to their accounts, they will be notified. This is will prevent Microsoft users from visiting phishing websites disguised as legitimate Microsoft website that steal account credentials.