Online Threat Alerts (OTA) - Alerting you to scams and frauds.
Microsoft Account Security Alert Scam

Microsoft account security alert scams are phishing attempts using fake emails or pop-ups to steal login credentials by prompting urgent, fraudulent action. Genuine alerts come only from @accountprotection.microsoft.com. Never click links, call numbers in alerts, or share 2FA codes.

Characteristics of the Scam

  • False Urgency: Scammers often claim your account will be deleted, suspended, or has already been accessed to induce panic.
  • Suspicious Sender: The email address does not end in @microsoft.com or @accountprotection.microsoft.com.
  • Fake Phone Numbers: Legitimate Microsoft security alerts never include a phone number to call.
  • Generic Greetings: Phishing emails often use "Dear User" instead of your name.

Protect Yourself

  • Do Not Click Links: Avoid clicking any links or opening attachments in the email.
  • Verify Independently: If you receive an alert, close the email, open a new browser tab, and go directly to account.microsoft.com to check your status.
  • Check Activity Log: Review your genuine sign-in activity at https://account.live.com/activity.
  • Report Phishing: Forward suspicious emails to reportphishing@antiphishing.org or use the "Report Phishing" button in Outlook.

If you have already clicked a link or provided information, immediately change your Microsoft account password and run a virus scan on your computer.

waiting