What our user receive an email from Microsoft <******@email.microsoft.com>

IM ADMIN 0 Reputation points
2023-10-20T04:21:16.78+00:00

Our user received an email claimed from Microsoft <******@email.microsoft.com> with Subject: 以下是您向 Microsoft 索取的電子書 and this email contains a URL https://emails.microsoft.com/dc/pTEFlGZ9Q3ITrVt7_I2wJfSaXP4fVmu5GQerBk9DuUsLO_76aFr3sJnEYiRai4CvnYfnlEMem0zTvkk-FR8H519fpTe28gEV8_Pjwi-oAFSdIPtRs6mABIpKoW5Bsv6X/MTU3LUdRRS0zODIAAAGO4WTzDttCb0sJgoywdmVphClTcyywENFbNRRfe_Nvs9G1mZqWwouz1kzbJnD_ld_DLoz1Lc4=

But our user DID NOT make any request from Microsoft, it seems that this is a spoof email.

Exchange | Exchange Server | Other
{count} votes

2 answers

Sort by: Most helpful
  1. Anonymous
    2023-10-20T07:27:30.7566667+00:00

    Hello @IM ADMIN

    Yes, this is most likely a spoofed phishing email. Please do not click on the URL or provide any personal information before verifying its authenticity to prevent any loss. Typically, you can view the details of a message through a Message Header Analyzer.

    Paste the message headers into the field provided and click Analyze headers to produce the report.

    https://learn.microsoft.com/en-us/connectivity-analyzer/message-header-analyzer

    In addition, you can also refer to: Protect yourself from phishing

    Regards

    Shaofan


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment". 

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.  

    1 person found this answer helpful.

  2. Q&A Assist
    2023-10-20T04:21:16.78+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    Based on the information provided in the context, if the email claims to be from Microsoft but is being sent from another email domain, it is likely a phishing scam. Spoofed senders in messages might trick the recipient into selecting a link and giving up their credentials, downloading malware, or replying to a message with sensitive content. Users should always use caution, and perform due diligence to determine whether the message is a phishing email message before taking any other action. Start by hovering the mouse over all email addresses, links, and buttons to verify that the information looks valid and references Microsoft. Users can also analyze the message headers and message tracking to review the "spam confidence level" and other elements of the message to determine whether it's legitimate.

    In this case, the email address ******@email.microsoft.com seems to be a legitimate Microsoft email address. However, if the user did not make any request from Microsoft, it is possible that this is a spoof email. Therefore, the user should exercise caution and verify the legitimacy of the email before taking any action.


    References:

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.