Microsoft 365 has put out a BOLO (Be on the lookout) for phishing emails focusing on your MS-365 credentials to be able to send more phishing emails through the MS-365 email system without interference or detection and sell the login information on the digital black market to bad actors, and as always contact your IT Services Provider to report these issues.

We will give you a step by step look at what a bogus/phishing email looks like from a mobile device and Outlook Desktop App and how to process/report that bad email with your Outllok Desktop App.  

On your mobile device:

Here is when you initially get this email and how it appears.

Two quick things to catch at first glance are the “Ref” and the “Verify Now” button.

The first step should be checking the sender information.

 Of course if you can check** the “Verify Now” button’s hyperlink/URL address to verify it’s legitimacy.  **If your not sure or feel uncomfortable with this process, contact your IT Services Provider.

With Outlook Desktop App:

How the email appears in the email list.

Of course make sure you can open the email safely, first look at the sender information and notice how long the email address is, which is on purpose.

The sender email address is outrageously bogus:

Here is the hyperlink/URL for the “Verify Now” Button, which redirects you to a phony website which looks like a MS-365 login screen and then records your login information into a database to be exploited by the bad actor.

Now let’s walk through the Outlook Desktop App process to deal with the bad email you have discovered.  

Important note here is to ensure/verify the email you are going to process is positively a bad email, if you follow this process the sender of the email you’re submitting to MS-365 will or may affect your MS-365 domain/tenancy, and may affect your email service provider.

Of course if you are uncomfortable with handling these types of circumstances, contact your IT Services Provider.

On your top ribbon you’ll see an Icon similar to the one below.

Once you complete this process, that bad email will be placed or moved into your deleted items folder. 

So, if you do click the link by mistake and attempt to log into the fake MS-365 login, change your MS-365 password as soon as possible and contact your IT Services Provider or Microsoft Partner of Record (POR) immediately to assist you to ensure the bogus or bad email has been delt with properly and your MS-365 email credentials are not compromised.