email fraud using Microsoft name

Question

|This is a copy of an email I received today about a transaction on Microsoft Azure| | -------- | Alert rule description

|Is this fraud Email and should I disregard it?| | -------- | MICROSOFT CORPORATION BILLING AND ACCOUNT SECURITY NOTICE (REF: MS-FRA-6673829-KP). Our system has detected a potentially unauthorized charge on your account. Transaction Details: Merchant: Windows Defender. Transaction ID: PP456-887A-22B. Amount: 459.90 USD. Date: 03/11/2026. For your protection, this transaction has been temporarily placed on hold by our Fraud Detection Team. To prevent possible account suspension or additional fees, please verify this transaction immediately. If you did NOT authorize this payment, contact our 24/7 Microsoft Account Security Support at +1 (812) 266-1510 or +1 (812) 266-1890 . We apologize for any inconvenience and appreciate your prompt response. Microsoft Account Security Team.

Alert rule description

Answer 1

The email we received was from the following address:

From: Microsoft Azure azure-noreply@microsoft.com

So how is Microsoft allowing these emails to be sent from an email address from their registered domain? Users are trained to use the S.L.A.M. method when verifying emails, and these look legit to the end user, especially when the links go to legitimate Microsoft sites.

Answer 2

Yes, this is a scam that has been reported by several users. By all means, don't call that number, because they will aim to rip you off.