We all get junk mail and scam attempts. However, one I received recently apparently to be legit, but it was not. Apparently lots of people who have interacted with Microsoft have received one like me. You can’t blame yourself for trusting as appears to being legitimate and real.
TechCrunch’s Zack Whittaker reports that it appears to come from msonlineservicesteam@microsoftonline.com which MS uses for legitimate purposes such as 2FA. Some bogus emails fail with poor attempts about verification of codes but even then, people might think it’s ok to interact with the email as your already deal with MS or most of us do. Other tech companies have reported scam emails the use legitimate email addresses.
What to do. “Checking the email address of a suspicious message is often the first step in determining its legitimacy, so the fact that scammers can take over these addresses might seem daunting. But there are plenty of other tells you can look out for to avoid falling victim to these phishing emails. The email might appear to be from a company you know, but click hover over the sender’s email and click on the downarrow beside the name. If the domain does not match what you expect, DELETE the email.
First, while the address might be legit, scammy links likely aren’t. Hover your cursor over the hyperlinks in the email to reveal the URL. If you see shortened links, or lengthy, jumbled URLs, assume the worst. Be critical of how the email is constructed as well. If there are spelling or grammatical errors in the subject line or body, or if the overall design doesn’t align with the standards of the company in question, it’s likely fraudulent. ”
“That Email From ‘Microsoft’ Is Actually a Scam”
Jake Peterson – Lifehacker, May 2026
___________
Related story from Newsweek, Sam Stevenson, May 19, 2026
Apple Mac users face an arms race with online bad actors who try to get into your computer while you carry out everyday “normal” tasks. It might be something simple as searching for an app and downloading a link or you following a request to update something.
Downloading malicious apps can steal passwords, and valuable financial data. The website may look legitimate but avoid clicking or downloading anything until you are convinced it’s real. You might be tempted to accept a link for an update on an app you are using. Any request for clicking a link or entering a password from a request outside of the App Store could be very risky and you could loose financial files and data.
These request might be “shape shifting” by looking like a MS download, an Apple update or something from a Google app. It’s betting on your trust in known names.
Keep yourself safe with these steps:
- Stick to official sources such as the Mac App Store or verified company websites.
- Ignore unexpected update prompts, especially from pop-ups or unfamiliar sites.
- Be cautious if your Mac suddenly asks for a password during a download.
- Avoid running tools or scripts you did not intentionally start.
- Keep your system up to date with official updates.
Bottom line, just be vigilant