Microsoft account security alert scams are phishing attempts using fake emails or pop-ups to steal login credentials by prompting urgent, fraudulent action. Genuine alerts come only from @accountprotection.microsoft.com. Never click links, call numbers in alerts, or share 2FA codes.
Characteristics of the Scam
- False Urgency: Scammers often claim your account will be deleted, suspended, or has already been accessed to induce panic.
- Suspicious Sender: The email address does not end in @microsoft.com or @accountprotection.microsoft.com.
- Fake Phone Numbers: Legitimate Microsoft security alerts never include a phone number to call.
- Generic Greetings: Phishing emails often use "Dear User" instead of your name.
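The four characteristics above can be checked mechanically when triaging a reported message. The following is an added example, not Microsoft's code: the regular expressions, function names and both sample messages are constructed for illustration, and only the two sender domains come from this page.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Sender domains this page lists as legitimate.
TRUSTED_DOMAINS = {"microsoft.com", "accountprotection.microsoft.com"}
# Constructed heuristics (assumptions; tune before real use).
PHONE_RE = re.compile(r"\+?\d[\d\s().-]{8,}\d")
GREETING_RE = re.compile(r"^\s*dear\s+(user|customer)\b", re.I | re.M)
URGENCY_RE = re.compile(r"\b(deleted|suspended)\b", re.I)

def is_trusted_sender(from_header):
    """Check the address domain by exact match, ignoring the display name."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return False
    # Exact match: "notmicrosoft.com" and "microsoft.com.x.example" must fail.
    # A pass is not proof of authenticity, since the From header can be forged.
    return addr.rpartition("@")[2].lower() in TRUSTED_DOMAINS

def triage(raw_email):
    """Return the scam characteristics found in a single-part text message."""
    msg = message_from_string(raw_email)
    body = "" if msg.is_multipart() else msg.get_payload()
    flags = []
    if URGENCY_RE.search(body):
        flags.append("false_urgency")
    if not is_trusted_sender(msg.get("From", "")):
        flags.append("suspicious_sender")
    if PHONE_RE.search(body):
        flags.append("phone_number")
    if GREETING_RE.search(body):
        flags.append("generic_greeting")
    return flags

# Constructed sample messages, not real mail.
SCAM = (
    "From: Microsoft account team <security@accountprotection.microsoft.com.alerts.example>\n"
    "Subject: Unusual sign-in activity\n\n"
    "Dear User,\nYour account will be suspended. Call +1 (555) 010-0199 now.\n"
)
GENUINE_STYLE = (
    "From: Microsoft account team <security-noreply@accountprotection.microsoft.com>\n"
    "Subject: New sign-in\n\n"
    "Hi Alex,\nWe noticed a new sign-in. Review it at account.microsoft.com.\n"
)

if __name__ == "__main__":
    print(triage(SCAM))
    print(triage(GENUINE_STYLE))
```

An empty result only means none of these heuristics fired; the independent verification steps below still apply.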
Protect Yourself
- Do Not Click Links: Avoid clicking any links or opening attachments in the email.
- Verify Independently: If you receive an alert, close the email, open a new browser tab, and go directly to account.microsoft.com to check your status.
- Check Activity Log: Review your genuine sign-in activity at https://account.live.com/activity.
- Report Phishing: Forward suspicious emails to reportphishing@antiphishing.org or use the "Report Phishing" button in Outlook.
If you have already clicked a link or provided information, immediately change your Microsoft account password and run a virus scan on your computer.