This scam has been around for a long time, and when I blogged about it in 2022, I was able to show you how easy it was to recognize. Not so with the latest edition. The Microsoft 365 Renewal Scam, v2.0 is “new & improved”, and much more likely to fool someone.
Here’s what to look out for:
This phishing attempt is very convincing, and avoids the easy tells of its predecessor. This email uses:
- proper spelling & grammar
- the same logo and layout of a legitimate Microsoft email
- buttons, weblinks & URLs that take you to real Microsoft websites
- email address ending in “onmicrosoft.com”
I must admit I scratched my head at this one for a minute…
How This Scam Works
Even though the links work, and lead to real Microsoft sites, they will (usually) confound the recipient. Those URLs lead to business-grade Microsoft logins that will not allow you to log in with your personal/individual Microsoft credentials. You’ll just get an error, denying you access to their business side.
This is what the scammers want. They want you to futz with the buttons and links, get frustrated and return to their email message. Once you’re aggravated and worried, they’re expecting you to scour the email for other options, at which point, you’ll see the toll-free number as another option.
Do. NOT. Call. The. Number.
Anyone who calls the number is participating in the same old Thank You for your Purchase Scam that’s been around for a decade. That number does not lead to Microsoft. Cybercrooks are waiting by the phone for anyone to dial that number.
And they are ready to tell you outlandish tales about refunding you your money. They’d love to remotely connect to your system to gain access to your bank accounts. But this never ends well. When they get a victim to cooperate, that person is often left with a broken computer and an empty bank account.
In short, if you receive this email, do not respond or cooperate with it. Just move on! Mark it as spam and delete it. And if you need more peace of mind, feel free to go to the consumer-grade Microsoft Office website, to sign in and check your subscription and billing facts. You won’t see any evidence of the fictitious order from the scammer.
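For anyone who filters mail for others, the combination of tells described above (an “onmicrosoft.com” sender, links that all go to real Microsoft sites, and a toll-free number in the body) can be checked automatically. The following is an added example, not part of the original post; the list of Microsoft link domains, the North American toll-free pattern and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: link hosts treated as Microsoft-owned; extend for your environment.
MS_LINK_DOMAINS = ("microsoft.com", "office.com", "microsoftonline.com")
URL = re.compile(r"https?://[^\s<>\"')]+")
# North American toll-free prefixes (800, 833, 844, 855, 866, 877, 888).
TOLL_FREE = re.compile(
    r"(?<!\d)(?:\+?1[\s.-]?)?\(?8(?:00|33|44|55|66|77|88)\)?[\s.-]?\d{3}[\s.-]?\d{4}(?!\d)")

def _under(host, domains):
    """True if host equals, or is a subdomain of, one of the domains."""
    return any(host == d or host.endswith("." + d) for d in domains)

def callback_signals(raw):
    """Extract the three indicators from a raw RFC 5322 message string."""
    msg = message_from_string(raw, policy=policy.default)
    sender_domain = parseaddr(str(msg.get("From", "")))[1].lower().rpartition("@")[2]
    part = msg.get_body(preferencelist=("plain", "html"))
    body = part.get_content() if part else ""
    hosts = [(urlparse(u).hostname or "").lower() for u in URL.findall(body)]
    return {
        "tenant_sender": _under(sender_domain, ("onmicrosoft.com",)),
        "only_microsoft_links": bool(hosts) and all(_under(h, MS_LINK_DOMAINS) for h in hosts),
        "toll_free_numbers": TOLL_FREE.findall(body),
    }

def looks_like_renewal_callback(raw):
    """All three indicators together: the pattern this post describes."""
    s = callback_signals(raw)
    return s["tenant_sender"] and s["only_microsoft_links"] and bool(s["toll_free_numbers"])

# Constructed sample messages (not real emails; tenant name and number are made up).
SCAM = ("From: Microsoft 365 <billing@contoso-example.onmicrosoft.com>\n"
        "Subject: Your subscription has been renewed\n\n"
        "View your order: https://admin.microsoft.com/billing\n"
        "Questions about this charge? Call 1-800-555-0100\n")
NO_PHONE = SCAM.replace("Call 1-800-555-0100", "Reply to this message")

if __name__ == "__main__":
    print(callback_signals(SCAM))
    print(looks_like_renewal_callback(SCAM), looks_like_renewal_callback(NO_PHONE))
```

A match is a reason to quarantine or review the message, not proof of fraud; no single one of the three signals is suspicious by itself.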