High riskEmail Scams

Microsoft Account Email Scam

This scam sends a fake Microsoft or Outlook email about an unusual sign-in or an account about to be closed, linking to a fake Microsoft login page that captures your email and password.

Quick verdict

Risk level
High risk
Scam type
Account impersonation scam
Main red flag
An email warning of an unusual sign-in or pending account closure with a link to 'verify' or 'secure' your account.
What to do first
Do not click the link. Sign in to your account by typing the official Microsoft address yourself.

What this scam usually looks like

This scam sends a fake Microsoft or Outlook email about an unusual sign-in or an account about to be closed, linking to a fake Microsoft login page that captures your email and password.

Example message pattern

Example pattern — not a real report
Example pattern: 'Microsoft account: Unusual sign-in activity was detected. Your account will be closed in 24 hours unless you verify it here: [suspicious link]'

This is a fictional, anonymised example used to illustrate the pattern. It is not a verified real message, and any names are used only to show how the scam typically reads.

Red flags to watch for

  • A claim of an 'unusual sign-in' from an unfamiliar location or device
  • A threat that your account will be closed or deactivated soon
  • A link that does not lead to a genuine microsoft.com or live.com domain
  • Pressure to 'verify' or 'reactivate' by entering your password
  • Spelling, spacing or sender-address details that look slightly off

What to do

  • Do not click the link or sign in through the email
  • Open your account by typing the official Microsoft address or using a saved bookmark
  • Check your recent sign-in activity in your real account security settings
  • Report the email as phishing in your mail app, then delete it

If you already clicked or replied

  • Do not enter any more information on the page
  • Change your Microsoft password now, and anywhere you reused it
  • Turn on two-step verification and review recent sign-in activity
  • Sign out of all sessions and update your account recovery details

What not to do

  • Do not reply to the email or call any number it gives
  • Do not approve any sign-in prompts you did not start
  • Do not enter verification codes on a page reached through the link

Similar scams

High risk Email

Fake Apple ID Locked Email

This scam claims your Apple ID has been locked for security reasons and links to a fake sign-in page that captures your Apple ID and password.
High risk Email

Fake PayPal Email Scam

This scam sends an email claiming your PayPal account is limited or shows unusual activity, urging you to 'confirm' your details through a link that leads to a fake login page designed to steal your password.
High risk Text Message

Two-Factor Code Text Scam

In this scam a fraudster triggers a genuine two-factor or one-time code to your phone, then poses as support staff or a contact to pressure you into reading it back so they can take over your account.

Frequently asked questions

Does Microsoft send unusual sign-in emails?
Microsoft does send security alerts, but a genuine one can always be checked by signing in directly. A message demanding you act through its link to avoid closure is a common phishing approach.
The link looks like a Microsoft address, is it safe?
Scammers use lookalike domains and hidden links that display real-looking text but lead elsewhere. Rather than trusting the link, reach your account through the official site or app.
Why would a scammer want my Microsoft login?
A Microsoft or Outlook account often unlocks email, files and other linked services, and can be used to reset passwords elsewhere. That makes these logins a frequent target.
What if I entered my password already?
Change it immediately, enable two-step verification, sign out of all sessions and review your recovery email and phone number for any unauthorised changes.

Last reviewed: June 2026

Disclaimer: This page provides educational information only to help you recognise common scam patterns. It is not legal, financial, cybersecurity, or law enforcement advice, and it does not confirm whether any specific message, company, or person is genuine or fraudulent. When in doubt, contact the official organisation directly and report concerns to your local authorities.