Suspicious email

To determine if the email you received is legitimate, you should check the sender's email address and the domain from which it was sent. Microsoft support typically uses the following domains for their emails:

1. microsoft.com
2. microsoftsupport.com
3. mail.support.microsoft.com

If the email is from a different domain, it could be a phishing attempt. In your case, the sender's details appear suspicious, especially with the unusual formatting and the email address. It's advisable to exercise caution and not click on any links or provide any personal information until you can verify the legitimacy of the email.

You can also report the email as a phishing attempt if you suspect it is not genuine. For more guidance on identifying phishing emails, refer to resources on protecting yourself from phishing scams.

References:

• How do I know if an email from Microsoft support is genuine?

Hi @SQ,  

Welcome to the Microsoft Q&A forum.   

Thank you for sharing your concern about the email asking you to sign documents. We truly appreciate your vigilance in confirming before taking any action. 

The Q&A Assist response was accurate in stating that legitimate Microsoft communications are sent only from trusted domains, including microsoft.com, microsoftsupport.com, and mail.support.microsoft.com. 

Since the sender’s details in your email do not match these domains, it is very likely a phishing attempt. 

To help protect your account now and in the future, please consider the following best practices: 

1/ Please do not click any links or download attachments from suspicious emails. 

2/ Verify the sender’s domain carefully. If it looks unfamiliar or oddly formatted, treat it as suspicious. 

3/ Look for warning signs such as spelling mistakes, urgent language, or unusual formatting. 

4/ Report the email: 

• In Outlook, right click on the email → click Report → choose Report Phishing. 
• 

5/ Keep your devices and antivirus software updated to help block malicious content. 

If you have already clicked the link or entered your login details, please follow these additional steps for accounts managed by your organization: 

• Please change your password immediately. 
• Enable Multi-Factor Authentication (MFA) if not already active. 

You will need to contact your IT administrator immediately. They have the necessary permissions to: 

• Reset your authentication methods 
• Remove or reconfigure the Microsoft Authenticator app 
• Help you regain access to Microsoft 365 services 

This is important because organizational accounts often have security policies that prevent self-service recovery options. Your administrator can also check for any suspicious activity and secure your account if credentials were entered on a phishing site. 

I hope this information is helpful. Please follow these steps and let me know if it works for you. If not, feel free to share them in the comments on this post so I can continue to assist you. 

I look forward to hearing your thoughts on this. 

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have any extra questions about this answer, please click "Comment".  

Note: Follow the steps in our documentation to enable email notifications if you want to receive email notifications related to this topic.     

Enable Multi-Factor Authentication