Microsoft scam: Outlook and Hotmail users are being targeted by fake ‘fraud protection’ emails
If you have a Microsoft Outlook or Hotmail email account, watch out for fake ‘fraud protection’ emails that prompt you to click on a link.
These dodgy messages are the latest example of fraudsters impersonating Microsoft. We recently reported on phishing emails that informed recipients their account storage was full.
If you get tricked by a phishing email, you could end up handing your personal details to scammers and potentially compromising your other accounts. Read on to learn about how to spot and report this latest Microsoft scam.
Outsmart the scammers – our free scam alert service can help you spot and avoid the latest scams
How the scam works
This dodgy email purports to be from the ‘Outlook Support Team’. It is flagged as ‘high priority’ and states it is from a ‘trusted sender’. The message informs you there’s been suspicious activity on your account and says you’ll need to click a link to log in.
If you click the link, you’ll be taken to a spoofed login page where you’ll be asked for your email and password. If you enter your details, you’ll be giving the scammers access to your account and potentially any others that share the same email and password. Stolen data may also be used for further scams in future.
Microsoft scam email
1 / 3
A large collection of images displayed on this page are available at https://www.which.co.uk/news/article/microsoft-scam-outlook-and-hotmail-users-are-being-targeted-by-fake-fraud-protection-emails-aEQoU5n7BRpU
The signs of a scam
There are a few signs this message is dodgy.
First, the sender’s email address appears to be a random mishmash of letters and numbers rather than a genuine Microsoft address. In addition, the message states in red text that your service will be suspended in 24 hours unless you click the link. Applying time pressure in an attempt to panic victims is a classic tactic used by scammers. Finally, the spacing used in the subject line and the use of an exclamation mark makes the message appear less professional.
A Microsoft spokesperson told us: ‘We can confirm this is not a genuine communication. Unfortunately, the names of reputable companies like Microsoft are often used fraudulently to lull victims into a false sense of security.
‘Our customers are often targeted by criminals who are always seeking new and increasingly sophisticated ways to deceive their victims.’
How to report scam emails
To report scam emails on an Outlook or Hotmail account, click on the three dots in the top right-hand corner of the email, select ‘report’ and then ‘report phishing’.
Suspicious emails should also be forwarded to report@phishing.gov.uk, where they will be investigated by the National Cyber Security Centre (NCSC). Scam websites can be reported to the NCSC online.
If you have given away any of your details, change your passwords immediately. If you’ve potentially handed over financial information, contact your bank straight away by calling the number on the back of your card and keep a close eye on your credit report. You should also report the scam to Action Fraud.
