Scammers have figured out how to send phishing emails that appear to come directly from Microsoft's own email servers, bypassing traditional security checks that catch most fraudulent messages.
The attack exploits a technical vulnerability in how email authentication works. Attackers compromise legitimate Microsoft accounts or abuse Microsoft's own infrastructure to send deceptive messages that pass SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) checks. These are the authentication protocols most email providers rely on to verify that a message actually comes from the domain it claims to be from; they vouch for the sending domain, not for the intent of whoever is using it.
The fake emails typically contain urgent language asking you to confirm your account, reset your password, or update payment information. Because they originate from actual Microsoft servers, they pass spam filters and land in your inbox looking legitimate.
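Because a passing SPF/DKIM verdict only proves which domain sent a message, a mail team's triage has to look past the verdict at where the message's links actually go. The script below is an added example, not code from the original article: it parses a constructed sample message (the addresses, the `Authentication-Results` line and the link hosts are all invented), reads the authentication verdicts, and lists any link whose domain differs from the authenticated `From:` domain.

```python
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample (not a real phish): it authenticates cleanly as the
# sender domain, yet its call-to-action link points somewhere else entirely.
SAMPLE_EML = """\
From: Microsoft Account Team <account-security-noreply@microsoft.com>
To: user@example.org
Subject: Action required: confirm your account
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=microsoft.com; dkim=pass header.d=microsoft.com; dmarc=pass header.from=microsoft.com
Content-Type: text/plain

Unusual sign-in detected. Confirm your account within 24 hours:
https://account-verify.example.net/login?u=123
Or review activity at https://account.microsoft.com/activity
"""

AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)")
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def registrable(host: str) -> str:
    """Crude base-domain extraction (assumption: no public-suffix list available offline)."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host


def triage(raw: str) -> dict:
    """Return the authentication verdicts plus every link that leaves the From: domain."""
    msg = email.message_from_string(raw, policy=policy.default)
    auth = dict(AUTH_RE.findall(str(msg.get("Authentication-Results", ""))))
    from_domain = parseaddr(str(msg.get("From", "")))[1].rsplit("@", 1)[-1].lower()
    body = msg.get_body(preferencelist=("plain",)).get_content()
    # A link is suspicious when its base domain is not the authenticated sender's domain,
    # regardless of how convincing the authentication verdicts above look.
    off_domain = sorted(
        {u for u in URL_RE.findall(body)
         if registrable(urlparse(u).hostname or "") != registrable(from_domain)}
    )
    return {"auth": auth, "from_domain": from_domain, "off_domain_links": off_domain}


if __name__ == "__main__":
    print(triage(SAMPLE_EML))
```

The sample passes every verdict yet still gets flagged for its off-domain link, which is exactly the case the article describes.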
Here's what to do right now. Never click links in unsolicited Microsoft emails. Instead, go directly to Microsoft.com in your browser or call Microsoft support directly if you're concerned about your account. Legitimate companies never ask you to confirm sensitive information via email links.
Check your Microsoft account activity regularly. Log in to account.microsoft.com and review recent sign-ins and connected devices. If you spot unfamiliar activity, change your password immediately and enable two-factor authentication if you haven't already.
Report suspicious emails to Microsoft. Forward the message to phishing@microsoft.com. This helps Microsoft track the compromised accounts being used.
Consider using a password manager like Bitwarden or 1Password. Unique, complex passwords mean that even if scammers trick you into entering credentials, they can't access your other accounts.
The scam works because people trust email addresses ending in @microsoft.com. That trust is now broken for incoming unsolicited messages. Treat every unexpected email asking for personal or financial information with suspicion, no matter who it appears to come from. When in doubt, contact
