"Microsoft Sign-in Alert" Phishing Scams

Microsoft account users who have received Microsoft Sign-in Alert emails like the one below, which claim their accounts will be placed on hold or closed, are asked to delete them. This is because the emails are fakes being sent by cybercriminals to frighten and trick the recipients into clicking on the link within it. The link goes to a phishing website or a fake website looking like Microsoft’s website, created by cybercriminals to trick potential victims into entering their Microsoft account usernames and passwords on it, by asking them to sign in. But, any attempts to sign into the fake website, will result in the victims’ Microsoft account usernames and passwords being sent to cybercriminals.

Microsoft Sign-in Alert Phishing Scams

Once cybercriminals have gotten their potential victims’ account credentials (usernames and passwords), they will use it to hijack their Microsoft accounts and use them fraudulently. Therefore, recipients of the phishing email message (see below) who were tricked into clicking on the link within it and have attempted to sign into the phishing or fake website that they were taken, are asked to change their Microsoft account passwords immediately, before they are hijacked and used fraudulently by cybercriminals.

A Sample of the "Microsoft Sign-in Alert" Phishing Scam

From: Mail Services <no@exampereleee.com>

Sent: Tuesday, September 19, 2017 5:35 am

Subject: Incident Confirmation

To: <msn@communication.live.com>


All new messages will be placed on Hold due to a request we got on our desk about closing your Mail. Verify your account immediately to get your mail working by Viewing this attachment to stop your account from Ending now.

Thank you for using Outlook.

Please review and view your document

Dear User

We have sent you a new document to view. Please click on the 'View Documents' link below to view.

View Documents

Microsoft users should never click on a link to sign into their accounts, they should instead, go directly to https://account.microsoft.com/ and sign-in from there. If there is something that needs to be done to their accounts, they will be notified. This is will prevent Microsoft users from visiting phishing websites disguised as legitimate Microsoft website that steal account credentials.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Note: Some of the information in samples on this website may have been impersonated or spoofed.
Was this article helpful?  +
Share this with others:

Comments, Questions, Answers, or Reviews

There are no comments as yet, please leave one below or revisit.

To protect your privacy, please remove sensitive information from your comments, questions, or reviews. We will use your IP address to display your approximate location to other users when you make a post. That location is not enough to find you.

Your post will be set as anonymous because you are not signed in. An anonymous post cannot be edited or deleted, therefore, review it carefully before posting. Sign-in.

Write Your Comment, Question, Answer, or Review

"Microsoft Sign-in Alert" Phishing Scams