Digital Event Horizon
A new wave of scam spam emails has emerged, with one particularly concerning incident involving a legitimate Microsoft address. Find out how this scam works and what you can do to avoid falling victim.
Legitimate Microsoft addresses are being used in phishing scams to trick recipients into divulging sensitive information. Scam emails appear to be from a trusted source, making them harder to spot for some users. The abuse of a legitimate service like Power BI adds credibility to the social engineering tactic. Security experts warn of the dangers of such scams and emphasize the importance of email security awareness. Users need to stay vigilant, report suspicious activity, and stay informed about emerging threats to protect themselves against phishing attacks.
A recent wave of scam spam emails originating from a legitimate Microsoft address has left many concerned about email security. The emails, which are supposedly sent by Microsoft, have been reported to be phishing attempts that aim to trick recipients into divulging sensitive information.
According to reports, the scam emails are sent from no-reply-powerbi@microsoft.com, an address tied to Microsoft's Power BI platform. This address is used to send subscription emails to mail-enabled security groups, and Microsoft advises users to add it to their allow lists to prevent spam filters from blocking the address.
However, some recipients have reported receiving emails claiming that a $399 charge had been made to their account, with instructions on how to dispute the transaction. These emails appear to be phishing attempts, designed to trick recipients into downloading and installing remote access applications, which could potentially be used to gain control of their devices.
The abuse of a legitimate service like Microsoft Power BI adds an additional layer of credibility to the social engineering tactic, making it harder for recipients to spot the scam. The fact that the emails originate from a trusted Microsoft domain and lack malicious links or attachments also makes them more believable to some users.
Security experts have warned about the dangers of such scams, citing the importance of maintaining email security awareness and being cautious when receiving unsolicited emails, even if they appear to be from reputable sources like Microsoft. Dan Goodin, Senior Security Editor at Ars Technica, notes that for more experienced Internet users, scams like this one are easy to spot, while for others, scams originating from a known sender with a clean reputation can be more believable.
The incident highlights the need for individuals to stay vigilant when it comes to email security and to report any suspicious activity to their respective authorities. It also underscores the importance of staying informed about emerging threats and best practices for protecting oneself against such scams.
In conclusion, the recent wave of scam spam emails originating from a legitimate Microsoft address serves as a stark reminder of the ongoing threat of phishing and social engineering attacks. As users, it is essential that we remain aware of these tactics and take steps to protect ourselves against them.
Related Information:
https://www.digitaleventhorizon.com/articles/A-Scam-from-a-Legitimate-Microsoft-Address-A-Threat-to-Email-Security-deh.shtml
https://arstechnica.com/information-technology/2026/01/theres-a-rash-of-scam-spam-coming-from-a-real-microsoft-address/
https://learn.microsoft.com/en-us/answers/questions/4682164/urgent-report-of-scam-fraud-phishing-emails-from-o
Published: Tue Jan 27 17:03:52 2026 by llama3.2 3B Q4_K_M
