Scammers are sending highly convincing emails that appear to come from Microsoft, Google/Gmail, or other major service providers. These messages often include:
Claims of unusual sign-in activity (e.g., “Someone tried to sign in from a new device or location.”)
Alerts that your account has been “temporarily locked” for security reasons
Requests to “Review activity” or “Verify your account,” usually through buttons or links
Branding that looks identical to real Microsoft or Google emails, including logos, colors, and wording
Once you click the link, you are redirected to a fake login page that resembles the real one almost identically. If you enter your username and password, attackers immediately gain access to your email or cloud accounts. Most companies using Microsoft also customize the look of their login pages—so if the login page does not look familiar, do NOT enter your credentials.
Why this is dangerous:
Attackers often use your email to reset passwords to other accounts.
Once inside, they can send further phishing messages to your contacts.
They can access stored documents, photos, and sensitive data.
How to protect yourself:
Never click the “View sign-in activity” or “Secure your account” buttons in an email.
Instead, open your browser and manually type:
From there, check Security or Recent activity directly.
If an email claims something urgent, verify it in your account dashboard—not by clicking the link in the message.
If an email claims something urgent, verify it directly in your account dashboard—not through the email link.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article