Warning – Microsoft Office 365 Phishing Email


Be aware that an email scam designed to harvest Office 365 login details is currently doing the rounds –

Sender: Microsoft Administrators Team
<zbEWCn7gYFvc50mSQ16A.8qpx@imicrosoft.com> (or similar)

Subject: Office-365 Team (or similar)

Sample body text:

Dear [username],

You registered but you still haven’t confirmed the Address associated with your account.
You won’t be able to use your Email until you let us know that this address belongs to you.
Just follow the instruction below to confirm your account

Confirm Account [link]

Office Team

Look for the tell-tale signs and read and re-read if in doubt.

  • In this case, the sender’s address is a random string of characters on @imicrosoft.com. This is not a Microsoft domain. Easy to miss if skim-reading!
  • The name in the salutation is not the user’s full name, with caps, as registered to Office 365. It’s just plucked from the email address, and all lowercase as a result.
  • The ‘Confirm Account’ link points to a domain and website completely unrelated to Microsoft. Hover over the link in Outlook without clicking to see where it will go.
  • Poor grammar and punctuation, random capital letters.
  • Naming conventions are wrong and/or inconsistent – Office 365 does not have a hypen. The mail is signed as from ‘Office Team’.
  • There is no official, branded footer in the mail. This would usually contain the sender’s address and phone number, a description of the email source, and a link to unsubscribe from future mails to fulfil anti-spam regulations.

Remember, you can always type office.com into a browser, log in, and check your notifications to see if any maintenance is required on your Office 365 account. This applies to any similar fake alerts for the websites you regularly use.

Stay vigilant!