"Microsoft Office 365 Violation of Policy" Phishing Scams

Comments: 1
Views: 3,285
Save
Updated: Apr. 28, 2017 2017-04-28T14:13:55
Posted: Apr. 28, 2017 2017-04-28T13:58:20
Online Threat Alerts (OTA)

Microsoft users, if you have received email messages like the one below, claiming that your accounts have violated Microsoft's policy and due to this will be disabled, are phishing scams being sent by cyber criminals and not by Microsoft. The fake email messages were created by cyber criminals to frighten and trick the recipients into clicking on the link within them. The link goes to a phishing website or a fake website looking like Microsoft’s website, created by cyber criminals to trick potential victims into entering their Microsoft account usernames and passwords on it, by asking them to sign in. But, any attempts to sign into the fake website, will result in the victims’ Microsoft account usernames and passwords being sent to cyber criminals.

A Sample of a "Microsoft Office 365 Violation of Policy" Phishing Scam

From: Microsoft@outlook.messages.com <Microsoft@outlook.messages.com>
Sent: 28 April 2017 06:19
To: AGS ICT-Admin
Subject: You have violated our policy

Microsoft Office365

Hi Admin

[email address] have constantly made attempts to violate our online violation policy

We want to notify you that your email account will be disabled today

Note: If you do not know anything about this violation attempts, Please kindly cancel the unknown violation attempt process immediately before we disable your email permanently.

Click here to cancel all unknown violation attempts

If you want your email account disabled please ignore this message.

Thanks.

Outlook.com Mail

Powered by Microsoft Outlook

Once cybercriminals have gotten their potential victims’ account credentials (usernames and passwords), they will use it to hijack their Microsoft accounts and use them fraudulently. Therefore, recipients of the phishing email message (see below) who were tricked into clicking on the link within it and have attempted to sign into the phishing or fake website that they were taken, are asked to change their Microsoft account passwords immediately, before they are hijacked and used fraudulently by cybercriminals.

Microsoft users should never click on a link to sign into their accounts, they should instead, go directly to https://account.microsoft.com/ and sign-in from there. If there is something that needs to be done to their accounts, they will be notified. This is will prevent Microsoft users from visiting phishing websites disguised as legitimate Microsoft website that steals account credentials.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search

engine.

Note: Some of the information in samples on this website may have been impersonated or spoofed.

Was this article helpful? +

Yes (0)
No (0)

Share this with others:

The comments, reviews or answers below do not necessarily reflect the views of Online Threat Alerts (OTA).

April 3, 2018 at 8:33 PM by info
Here is another scam:
- Forwarded message -
From: Microsoft <alerts@microoftpolicy.com>
Date: Tue, Apr 3, 2018 at 8:49 AM
Subject: Microsoft Terms of Service Violation
Microsoft Office 365 Policy Violated
Recent activity on your Outlook Office 365 account has violated the Office Terms of Service.
You have only 24 hours to review the Microsoft Office 365 Terms of Service.
Your email will be disabled from our service if you do not take actions now!
Please sign in to the Office 365 message center to learn more about this policy and what actions you can take.
Sign in to Office 365
Sincerely,
The Microsoft Office 365 Team"
remove