Microsoft Office ‘Unable to Verify Subscription’ email scam: how to spot and report

Rights, Scams and Politics

Updated on 17 September 2018 | 1 Comment

Convincing phishing message warns that outlook email users will be disconnected as Microsoft was unable to verify their subscription, before asking for their password.

If you use Microsoft Office – which includes Word, Excel and the Outlook email service – then be on alert, because a new phishing scam is doing the rounds.

The email has the subject line UNABLE TO VERIFY SUBSCRIPTION.

It appears to be from the ‘MS Message Center’ with the email address ‘no-reply.o365mc@domainservermsn.com’.

This is what it looks like (click on the image to see a larger version).

The Microsoft Office Unable to Verify phishing email

Think you've fallen victim to fraud? Check your credit report for anything suspicious

The message warns that your mailbox has been disabled and that you need to click the link to verify your subscription.

Unlike many scam emails, the spelling and grammar in this email is relatively accurate and the ‘Why it happens’ explanation is somewhat convincing – it's definitely more polished than the usual half-baked scam mails we receive.

Read more: the Microsoft password reset scam

What happens if you click the link?

When you click the ‘RE-ENABLE NOW’ link, you’re brought to a page resembling the Microsoft Office login portal (click on the image to expand):

The log in page on the Microsoft Office scam

Do not enter your password: this could give scammers access to your Outlook email account and all the personal information within.

Although the page looks convincing, a quick glance at the browser address bar strongly suggests it is fake.

Firstly, the site ‘eprohectos’ has nothing to do with Microsoft: the actual page address is ‘login.microsoftonline.com’, although bear in mind scammers can create convincing replicas.

Secondly, the .tk domain refers to the Pacific island territory of Tokelau, which has been associated with phishing scams in the past.

The browser bar does have a ‘Secure’ padlock mark, but these can often be faked and so shouldn’t be relied upon.

Read more: why just opening a scam email could help fraudsters

Don’t get caught out

With good grammar, a convincing login page and the fake ‘Secure’ padlock mark, this scam shows why you can never be too careful with emails.

The safest tactic is to be highly suspicious of any message that asks for your personal information or for you to log into your account and never click on the link.

If you want to double-check an email’s validity, ring the company on a number that you trust.

Scam emails should be reported to Microsoft: the simplest way to do it is to create a new blank email and address the email to junk@office365.microsoft.com or phish@office365.microsoft.com.

Copy and paste the scam into the email as an attachment and click send. Or if you have the Report Message add-in on Outlook, choose the Report Message button on your screen and you’ll see a few different options:

  • Junk;
  • Phishing;
  • Not junk;
  • Options;
  • Help.

If you pick Junk, Phishing or Not Junk, you’ll have the option to send a copy of the message to Microsoft.

Think you've fallen victim to fraud? Check your credit report for anything suspicious

Comments

Be the first to comment

Do you want to comment on this article? You need to be signed in for this feature

Copyright © lovemoney.com All rights reserved.

 

loveMONEY.com Financial Services Limited is authorised and regulated by the Financial Conduct Authority (FCA) with Firm Reference Number (FRN): 479153.

loveMONEY.com is a company registered in England & Wales (Company Number: 7406028) with its registered address at First Floor Ridgeland House, 15 Carfax, Horsham, West Sussex, RH12 1DY, United Kingdom. loveMONEY.com Limited operates under the trading name of loveMONEY.com Financial Services Limited. We operate as a credit broker for consumer credit and do not lend directly. Our company maintains relationships with various affiliates and lenders, which we may promote within our editorial content in emails and on featured partner pages through affiliate links. Please note, that we may receive commission payments from some of the product and service providers featured on our website. In line with Consumer Duty regulations, we assess our partners to ensure they offer fair value, are transparent, and cater to the needs of all customers, including vulnerable groups. We continuously review our practices to ensure compliance with these standards. While we make every effort to ensure the accuracy and currency of our editorial content, users should independently verify information with their chosen product or service provider. This can be done by reviewing the product landing page information and the terms and conditions associated with the product. If you are uncertain whether a product is suitable, we strongly recommend seeking advice from a regulated independent financial advisor before applying for the products.