Users report phishing emails coming from Microsoft’s system, and the company is digging in

To that end, it’s still unclear how the scammers are exploiting the system, but evidence suggests the email address wasn’t spoofed — it was compromised. It appears the scammers have created new Microsoft accounts, posing as legitimate customers to gain access and send emails that seem to come from the company.

While speaking to TechCrunch, a Microsoft spokesperson indicated that:

"We are actively investigating and taking action against these phishing reports to help keep customers protected. This includes further strengthening our detection and blocking mechanisms, while removing accounts that violate our Terms of Use."

Multiple users have reported receiving spam emails that appear to come from Microsoft, featuring suspicious subject lines and links to questionable sites.

Interestingly, some of the subject lines in the emails are uncanny, as official emails from the tech giant would use to alert users about fraudulent transactions, seemingly making it even harder for users to identify the email as spam. Perhaps more concerningly, other emails claim to have a confidential message waiting for the recipient at a web address included in the email.

While Microsoft investigates the phishing scam, it’s crucial to stay vigilant when handling emails from the compromised address. Watch for unusual subject lines and always hover over links to verify whether they lead to suspicious or unfamiliar domains.

I'll keep tabs on this developing story as it unfolds and equally keep you posted as new information becomes available.

Join us on Reddit at r/WindowsCentral to share your insights and discuss our latest news, reviews, and more.