![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 57.00000000000001%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJK%3C/text%3E%3C/svg%3E)
Microsoft 365 and Office | Other
Miscellaneous topics that do not fit into specific categories.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 64%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKG%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 96%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EG%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 43%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
The message content clearly matches common phishing patterns and should be treated as a scam, even if the notification appears to come from a Microsoft service.
Actions to take:
- Do not click the notebook link, call the phone number, or reply to the message.
- Verify the sender domain:
- Genuine Microsoft support mail uses specific domains such as
microsoft.com,microsoftsupport.com, ormail.support.microsoft.com. Messages about unexpected subscriptions with other domains are likely phishing.
- Genuine Microsoft support mail uses specific domains such as
- Report the message as phishing:
- In Outlook/Outlook.com, use the built‑in Report or Report phishing option so it is sent to Microsoft for analysis. This helps improve filters and does not require blocking the sender.
- If the built‑in reporting is not available, follow the guidance in Protect yourself from phishing to submit the suspicious email to Microsoft using the official reporting methods.
- If using Microsoft 365 with Defender for Office 365 in an organization:
- Users can report the message with the built‑in Report button in Outlook.
- Admins can submit the message from the Submissions page in the Microsoft Defender portal, or from quarantine if it ends up there later.
- Monitor the account and payment methods:
- Because the email claims a $399.99 charge, independently check bank/credit card/PayPal statements directly (not via the email links) to confirm there is no real transaction.
- If any unauthorized charge is found, work with the bank or payment provider to dispute it.
If there is concern that the Microsoft account or Outlook.com account might have been compromised, follow the account‑recovery and protection steps in the Outlook.com security guidance (for example, changing the password and reviewing recent activity).
References:
- How do I know if an email from Microsoft support is genuine?
- Protect yourself from phishing
- Phishing and suspicious behavior in Outlook
- How do I report a suspicious email or file to Microsoft?
- Help protect your Outlook.com email account
- Is this legit email also? - Microsoft Q&A
- Email from M!CROSOFT - Microsoft Q&A
- I think I'm being scammed, but I want to make sure. (Though I may be in the wrong place.) - Microsoft Q&A