There’s A Dangerous Microsoft Phishing Email Making The Rounds

A reader sent me this email that when I examined it, illustrates how a well done phishing email can be extremely dangerous.

Let’s start with the email:

The look of this email is very well done. It will fool a lot of people. If click on the “Verify Now” link which for the record you should not do, you get this:

To add to the legitimacy of the scam, you have to pass through this fake Cloudflare page. Fun fact. Microsoft doesn’t use Cloudflare to verify connections and protect against denial of service attacks. You next go here:

This is a perfect replication of a Microsoft login screen. Again, this is going to fool a lot of people. And it does some checking to see if an account is likely to be valid. I say that because I originally typed in “” and had that rejected. So I had to go with “” to get this password screen:

Again, a very well done replication of a real password screen from Microsoft. And what’s interesting is that it actually checks to see if the password is valid. So that implies that whomever is behind this is really sophisticated and trying to harvest credentials to use for whatever evil purposes that they have in mind.

Now how did I figure out that this email was not from Microsoft, there were a couple of things that caught my eye:

Seeing as Microsoft uses for all its communications, this email makes it clear that this email is from someone other than Microsoft.

The URL in the fake login page isn’t one that uses That’s another sign that this is something that you should be avoiding.

This phishing campaign is clearly aimed at as well as Microsoft 365 users. Thus if you’re in one camp or the other, you need to watch out for this email hitting your inbox as you’re clearly a target. And if you do get this email, delete it and move on with your day.

Leave a Reply

%d bloggers like this: