Once cybercriminals have gotten their potential victims’ account credentials (usernames and passwords), they will use it to hijack their Microsoft accounts and use them fraudulently. Therefore, recipients of the phishing email message (see below) who were tricked into clicking on the link within it and have attempted to sign into the phishing or fake website that they were taken, are asked to change their Microsoft account passwords immediately, before they are hijacked and used fraudulently by cybercriminals.
A Sample of the "Microsoft Sign-in Alert" Phishing Scam
From: Mail Services <firstname.lastname@example.org>
Sent: Tuesday, September 19, 2017 5:35 am
Subject: Incident Confirmation
MICROSOFT SIGN-IN ALERT
All new messages will be placed on Hold due to a request we got on our desk about closing your Mail. Verify your account immediately to get your mail working by Viewing this attachment to stop your account from Ending now.
Thank you for using Outlook.
Please review and view your document
We have sent you a new document to view. Please click on the 'View Documents' link below to view.
Microsoft users should never click on a link to sign into their accounts, they should instead, go directly to https://account.microsoft.com/ and sign-in from there. If there is something that needs to be done to their accounts, they will be notified. This is will prevent Microsoft users from visiting phishing websites disguised as legitimate Microsoft website that steal account credentials.