Hello ladies and gentlemen, Sometimes you may receive an email from the address ms-noreply@microsoft.com with the name Microsoft on behalf of your organization or from other email addresses with the microsoft.com domain. Yes, the domain will be microsoft.com, which is a trusted domain name. However, it is still a scam email that will lead you to phishing sites or simply show unpleasant ads.

Scam from the microsoft.com domain

Spam can come from different addresses, I have seen the following:

  • noreply@microsoft.com;
  • noreply@account-microsoft365.com;
  • microsoft-noreply@microsoft.com;
  • ms-noreply@microsoft.com.

If you think these are real Microsoft emails, you are mistaken. These are spoofed email addresses. None of Microsoft’s services use these email addresses.

The content of the emails can vary. For example, you might be told that your mailbox is 95% full, or that your OneDrive storage is full.
Emails have been received in Arabic, English, and Russian. Google did not identify them as spam or mark the content as unsafe.

Email spoofing with the domain microsoft.com

The address of these emails was spoofed using email spoofing, which is a common phenomenon, so a trusted domain like microsoft.com does not guarantee your safety. You can learn more about this phenomenon here: https://en.wikipedia.org/wiki/Email_spoofing.

One of the latest emails I received looked like this:

Subject: Account information for new or changed users

User account created or changed

Username: (email address of some random account)

Temporary password:

– Spam ad for a casino was placed here, which I won’t publish –

What you need to do next:

Share this information with your users.

Once they log in with the temporary password, they will be able to create their own password by following the instructions on the login page.

There was also a button leading to a fake site.

Email with scam from ms-noreply@microsoft.com
Draft of the email in Russian

The address on the button leads to the site: https://microsoft365.com. This is a phishing site, so do not click on this link.

Link to phishing site microsoft365.com

This scam site masquerades as the official Office 365 site.

he sole purpose of this site is to steal your information: Microsoft account login and password, as well as credit card numbers. Do not provide any information on this site.

The official Microsoft 365 website is located at: https://www.microsoft.com/en/microsoft-365/

And Office 365, from which the phishing site design was copied, is located at: https://www.office.com/. By the way, Office 365 is now called Microsoft 365.

So, feel free to mark this email as spam. And don’t worry, you have not been hacked. But if you are concerned, you can change your account password and scan your computer with antivirus software.

What to do if you left your information on the phishing site microsoft365.com?

Urgently change your passwords so that the attackers cannot access your account, this is the only thing you can do in this situation.

If you have provided any other critical data, such as credit card information, urgently block your accounts as they are compromised.

This is the only thing you can do in this situation. I hope this article helped you, and with that, I say goodbye and wish you success!

How useful was this post?

Click on a star to rate it!

Average rating 5 / 5. Vote count: 1

No votes so far! Be the first to rate this post.

If the materials from this website have been helpful, and you wish to support the blog, you can use the form at the following link: Donate to support the blog