Once cybercriminals have gotten their potential victims’ account credentials (usernames and passwords), they will use it to hijack their Microsoft accounts and use them fraudulently. Therefore, recipients of the phishing email message (see below) who were tricked into clicking on the link within it and have attempted to sign into the phishing or fake website that they were taken, are asked to change their Microsoft account passwords immediately, before they are hijacked and used fraudulently by cybercriminals.
A Sample of the "Microsoft Storage Limit Notification" Phishing Scam
From: Account Security <pengyonghw@hotmail.com>
Sent: Tuesday, September 19, 2017 7:32 am
Subject: Storage Limit Notification
To: <noreply@hotmail.com>
Final Warning
Dear user,
You have reached the storage limit of your mail and cannot receive new messages until you Expand Your Storage Limit.
Follow the link below to Expand Storage Limit so it will enable you receive your new messages
Expand Limit
This restriction will be disabled intermediately we confirm storage expand
successful.
Thanks,
The email security team.
Netease respects your privacy. To learn more, please read our online Privacy Statement
Account Corporation, One Account Way, Redmond, WA 98052-6399, USA © 2017 Netease Corporation. All rights reserved
Microsoft users should never click on a link to sign into their accounts, they should instead, go directly to https://outlook.live.com and sign-in from there. If there is something that needs to be done to their accounts, they will be notified. This is will prevent Microsoft users from visiting phishing websites disguised as legitimate Microsoft website that steals account credentials.