NEWYou can now listen to Fox News articles!
A phishing scam posing as a Microsoft security alert is targeting users with emails that claim an alert has been triggered on their account.
The link appears safe at first glance, often pointing to a Google Docs or SharePoint page. But that’s part of the trap.
Once clicked, it redirects to a fake Microsoft login page designed to steal your credentials.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM/NEWSLETTER
AMAZON ALERTS CUSTOMERS ABOUT IMPERSONATION SCAMS
A person working on a laptop (Kurt “CyberGuy” Knutsson)
How the fake Microsoft alert scam works
This scam begins with an email that appears to be a legitimate Microsoft security alert. It claims an issue has been detected on your account and prompts you to click a link to view more details. The language is vague but urgent, designed to create concern and get you to act quickly.
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
What makes this phishing attempt especially deceptive is the use of trusted platforms. Instead of linking directly to a malicious site, the email includes a link to a legitimate service, such as Google Docs or SharePoint. At first glance, the link looks safe. But once opened, it quietly redirects you to a fake Microsoft login page built to steal your credentials. In some cases, the attackers also modify support contact details to route victims to scam-operated phone numbers.
Microsoft phishing email (Kurt “CyberGuy” Knutsson)
Key warning signs of a fake Microsoft alert
Phishing emails can be surprisingly convincing, but there are a few clear signs to watch for:
- Slightly misspelled or unusual sender addresses
- Urgent language and threats warning your account will be locked or compromised
- Links that don’t lead to Microsoft
- Requests for sensitive info, like passwords or two-factor authentication (2FA) codes
- Unexpected attachments or QR codes prompting you to log in
GET FOX BUSINESS ON THE GO BY CLICKING HERE
Man checking Microcoft phishing email on a computer with a phone in hand (Kurt “CyberGuy” Knutsson)
Tips to avoid falling for Microsoft phishing scams
1. Think before you click: Always check the sender’s email and hover over links before clicking. If the message looks suspicious, do not click the link. Instead, go directly to your Microsoft account using a trusted browser.
2. Only approve 2FA requests you initiate: Even if a scammer gets your password, 2FA can stop them from getting into your account. Just ensure that you only approve login requests that you’ve personally initiated. If you get a random prompt on your phone or authentication app, do not approve it.
3. Report phishing emails: Use Outlook’s built-in tools to report suspicious messages as phishing. You can also forward them to Microsoft at reportphishing@microsoft.com.
4. Use strong antivirus software: Consider using strong antivirus software with built-in phishing and link protection to catch threats before they reach you. Stay vigilant when it comes to emails, phone calls, or messages from unknown sources asking for personal information. Avoid clicking on suspicious links or providing sensitive details unless you can verify the legitimacy of the request. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
For the best antivirus protection in 2025, visit CyberGuy.com/LockUpYourTech.
5. Never share sensitive info: Microsoft will never ask for your password, 2FA code, or payment details via email. If you’re unsure, log in directly from a browser to check.
6. Consider personal data removal services: After phishing attempts, your data may end up circulating among data brokers, increasing your risk of future scams and identity theft. Data removal services can help reduce the visibility of your personal information by submitting removal requests to dozens of people-search and broker sites. This limits how easily scammers and spammers can find and target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com/Delete
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan
Kurt’s key takeaways
Fake Microsoft alerts are carefully crafted to appear genuine, which is why it’s crucial to remain cautious. Always verify messages through official channels, avoid clicking suspicious links, and report anything that doesn’t seem right. A few extra seconds of caution can help protect your account and your personal data.
CLICK HERE TO GET THE FOX NEWS APP
Have you ever received a suspicious alert email claiming to be from Microsoft? Let us know by writing us at Cyberguy.com/Contact
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM/NEWSLETTER
Copyright 2025 CyberGuy.com. All rights reserved.
