Once cybercriminals have gotten their potential victims’ account credentials (usernames and passwords), they will use it to hijack their Microsoft accounts and use them fraudulently. Therefore, recipients of the phishing email message (see below) who were tricked into clicking on the link within it and have attempted to sign into the phishing or fake website that they were taken, are asked to change their Microsoft account passwords immediately, before they are hijacked and used fraudulently by cybercriminals.
The "Important Security Information for Outlook User" Phishing Scam
From: "microsoft.com protection" <verify-do-not-replyhi@outlook.com>
Date: 01/05/2017 9:32 am (GMT+00:00)
To: live@e.microsoft.com
Subject: Important Security Information for Outlook Users
Microsoft account
Security alert
Due to the new security policy as directed by Microsoft,
your account failed the security process and is open to malwares and has just been De-activated.
To re-activate kindly click below or click here to ignore .
Re-activate Email
Thank you for using Microsoft services.
© 2017 Microsoft Services Agreement and privacy and cookies statement
Microsoft users should never click on a link to sign into their accounts, they should instead, go directly to https://account.microsoft.com/ and sign-in from there. If there is something that needs to be done to their accounts, they will be notified. This is will prevent Microsoft users from visiting phishing websites disguised as legitimate Microsoft website that steals account credentials.