"Microsoft Office 365 Urgent Verification Needed" Phishing Scams
Microsoft users are asked to delete email messages like the one below, which claim that Microsoft will be shutting several email accounts if they are not verified due to congestion. The fake email messages are being sent by cyber criminals to frighten and trick the recipients into clicking on the link within them. The link goes to a phishing website or a fake website looking like Microsoft’s website, created by cyber criminals to trick potential victims into signing in. But, any attempts to sign into the fake website, will result in the victims’ Microsoft account usernames and passwords being sent to cyber criminals.
A Sample of a "Microsoft Office 365 Urgent Verification Needed" Phishing Scam
From: Microsoft account team
Sent: 07 July 2017 20:42
Subject: Urgent Verification Needed
Dear User,
Due to congestion in all Microsoft Email accounts, Microsoft would be shutting down several accounts as your email address needs to be added to the new Microsoft database. We programed to stop and delete unused email account, you may permanently stop receiving messages to this Email address if not verified.
Kindly verify and let us know if your account is still valid. following the link below to avoid your account being closed.
This back up is necessary for update and to avoid blocking of your account. If you do not respond to this message. you will lose your account permanently.
Thank you for your usual co-operation. We apologize for the inconvenience.
Click Here To Verify
Sincerely, Microsoft Team
© Copyright, 2017, Microsoft • 135 Bishopsgate, London, EC2M 3UR
Once cybercriminals have gotten their potential victims’ account credentials (usernames and passwords), they will use it to hijack their Microsoft accounts and use them fraudulently. Therefore, recipients of the phishing email message (see below) who were tricked into clicking on the link within it and have attempted to sign into the phishing or fake website that they were taken, are asked to change their Microsoft account passwords immediately, before they are hijacked and used fraudulently by cyber criminals.
Microsoft users should never click on a link to sign into their accounts, they should instead, go directly to https://account.microsoft.com/ and sign-in from there. If there is something that needs to be done to their accounts, they will be notified. This is will prevent Microsoft users from visiting phishing websites disguised as legitimate Microsoft website that steals account credentials.
Check the comment section for additional information, or share what you know or ask a question about this article, by clicking the 'View or Write Comment' button below.
Note: Some of the information in samples on this website may have been impersonated or spoofed.