Recipients of the same message who have already followed the instructions in it should change their email account's password immediately before their accounts are hijacked and used fraudulently.
The "Office365 Mail-Box Account Update" Phishing Scam
From: Support Team <firstname.lastname@example.org>
Sent: Friday, April 27, 2018 8:17 AM
Subject: Mail-Box Account Update
Dear- Office365 User,
We are presently fighting against spam messages due to large amount of spam mail, we updated our system firewall kindly protect your security level by updating your account below.
UPDATE ACCOUNT NOW
Note: All office365 user must update their account to prevent permanent Email malfunction.
Microsoft 2018 Service
The link in the fake email message goes to a fake Office 365 website. On the fake website, visitors will be asked to sign-in, if they attempt to do so, their email usernames and passwords will be sent to the cybercriminals responsible for the phishing email message. Once the cybercriminals have gotten their potential victims Microsoft account credentials, they will gain access to their accounts, hijack the accounts by changing passwords, and use the accounts fraudulently.