The "Microsoft Office 365 Recovery Details Threat" Phishing Scam

The Microsoft Office 365 Recovery Details Threat Phishing Scam

Microsoft users, if you have received the "Microsoft Office 365 Recovery Details Threat" email message, see below, claiming that your account has been tampered with, are phishing scams being sent by cyber criminals and not by Microsoft. The fake email message is being sent by cybercriminals who are attempting to frighten and trick the recipients into clicking on the link within them. The link goes to a phishing website or a fake website looking like Microsoft’s website, created by cyber criminals to trick potential victims into entering their Microsoft account usernames and passwords on it, by asking them to sign in. But, any attempts to sign into the fake website, will result in the victims’ Microsoft account usernames and passwords being sent to cyber criminals.

Advertisements - Continue reading below

The "Microsoft Office 365 Recovery Details Threat" Phishing Scam

From: Outlook Mail Protection <ms-oxprotp.mssimple.apcprd01@mail.pension-rust.de>

Sent: Wednesday, January 23, 2019 1:24 AM

To: Danette Rasmussen

Subject: Re: Recovery details threat

Microsoft Office-365

Recovery details threat

Dear User,

Recovery details associated with has been tampered with;

We presume this may be an account takeover action by someone else.

Clarify if you're aware of this development by checking from below portal.

REVIEW RECOVERY SETTINGS

Best regards,

Microsoft Team.

Once cybercriminals have gotten their potential victims’ account credentials (usernames and passwords), they will use it to hijack their Microsoft accounts and use them fraudulently. Therefore, recipients of the phishing email message (see below) who were tricked into clicking on the link within it and have attempted to sign into the phishing or fake website that they were taken, are asked to change their Microsoft account passwords immediately, before they are hijacked and used fraudulently by cybercriminals.

Microsoft users should never click on a link to sign into their accounts, they should instead, go directly to https://account.microsoft.com/ and sign-in from there. If there is something that needs to be done to their accounts, they will be notified. This is will prevent Microsoft users from visiting phishing websites disguised as legitimate Microsoft website that steals account credentials.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search engine.Search
Write commentWrite your comment or view the ones below.    +
Was this article helpful?
Advertisements - Continue reading below
Comments, Answers, Reviews or Questions
To protect your privacy, please remove sensitive or identifiable information from your comments, questions, or reviews. Please keep conversations courteous and on-topic.

waiting
Write Your Comment, Answer, Review or Question

Advertisements - Continue reading below
Advertisements - Continue reading below
Advertisements - Continue reading below
Advertisements - Continue reading below
Advertisements - Continue reading below
Advertisements - Continue reading below
Advertisements - Continue reading below
Advertisements - Continue reading below
The "Microsoft Office 365 Recovery Details Threat" Phishing Scam