Deal with abuse, phishing, or spam in Outlook.com

Here's how to deal with online abuse, phishing scams, and junk email sent to or coming from Outlook.com accounts.

Reporting abuse

  • If you're being threatened, call your local law enforcement.

  • To report harassment, impersonation, child exploitation, child pornography, or other illegal activities received via an Outlook.com account, forward the offending email to abuse@outlook.com. Include any relevant info, such as the number of times you've received messages from the account and the relationship, if any, between you and the sender.

  • To report abuse received from a non-Outlook.com account, go to http://abuse.net to identify the correct abuse reporting address.

Recovering your account after it's been hacked

If someone has gotten into your Outlook.com account, or you got a confirmation email for a password change you didn’t authorize, you can recover your account. See My Outlook.com account has been hacked for more information.

Protecting yourself from phishing scams

A phishing scam is an email that seems legitimate, but is an attempt to get your personal information or steal your money.

  • Never reply to an email that asks you to send personal or account information.

  • If you receive an email that looks suspicious or asks you for this type of information, never click links that supposedly take you to a company website.

  • Never open any file attached to a suspicious-looking email.

  • If the email appears to come from a company, contact the company's customer service via phone or web browser to see if the email is legitimate.

  • Search the web for the email subject line followed by the word hoax to see if anyone else has reported this scam.

If you believe you've received a phishing scam, report the email by selecting the arrow next to Junk and choosing one of the following options.

  • Junk Use this option for routine unwanted email.

  • Phishing scam Use this option for an email that is trying to trick you into giving out your personal information such as your password, bank account information, or Social Security number.

  • My friend's been hacked Use this option if you start getting junk email or phishing scams from a sender you would normally trust.

Six common types of scams

Here are six of the most common types of scams, along with additional tips on how to recognize them.

"Verify your account now or we'll close it!"   

The scam:    You get an email that looks like it's from your bank, or an e-commerce service like PayPal or eBay, or from your email provider, warning that your account will be suspended or closed unless you “verify” your account by replying with your account info.

What the scammer wants:    In the case of bank or e-commerce scams, they want your personal info so they can steal your identity, empty your bank accounts, and run up charges on your credit card. If it’s supposedly from your email provider, the scammer wants your email account user name and password so they can hack your account and use it to send out junk email.

Additional clues that it’s a scam:    It demands an urgent reply (for example, “You must verify within twenty-four hours”). This gives you little time to research if it’s legitimate.

Actions you can take:    First and foremost, do NOT reply with any personal or account info, matter how dire the warnings sound.

  • If it's a bank or an e-commerce site, contact the company's customer service department via phone or the online to see if the email is legitimate.

  • If it claims to be from Outlook.com, forward the email to report_spam@outlook.com.

"A large sum of money can be yours, just send your personal info or some cash."   

The scam:    There’s money sitting in some account that some official-sounding person wants to share with you. All you have to do is send him your personal info or some money.

What the scammer wants:    Sometimes they just want you to send them money. Other times they want your personal info so they can steal your identity, empty your bank accounts, and run up charges on your credit card

Additional clues that it’s a scam:    

  • Any deal that involves an international bank, or where you have to send your info or cash overseas should be highly suspect.

  • There’s often an element of larceny. Maybe the money isn’t really yours or theirs, but the rightful owner is dead, or a corrupt official, or some faceless company who will never miss it. Or the money is supposedly yours, but some other party is trying to steal it.

  • If there’s anything at all suspect about the deal, or if you don't understand why someone you don't know is making you (out of all the people in the world) this offer, you can bet that you’re being conned.

Actions you can take:    First and foremost, do NOT reply with any personal or financial info, matter how tempting the offer sounds.

  • Go to a hoax-debunking website like snopes.com and search on the email’s subject.

  • Report the email as a Phishing scam (see above).

"You're our big winner!"   

The scam:    Congratulations! You just won the lottery! Or you were entered in a Microsoft sweepstakes and you’ve won the jackpot!

What the scammer wants:    Your personal info so they can steal your identity and empty your bank accounts.

Additional clues that it’s a scam:   

  • You were entered in the lottery or sweepstakes without your knowledge or permission.

  • They ask for your bank info so they can make a direct deposit.

  • The purpose of a sweepstakes is so the company can gather personal info via the form you fill out when you enter. They then sell that info or use it to market their products and services to you. No legitimate sweepstake needs you to give them your info—you already did.

Actions you can take:    First and foremost, do NOT reply with any personal or financial info, matter how tempting the offer sounds.

  • Go to a hoax-debunking website like snopes.com and search on the email’s subject.

  • Report the email as a Phishing scam (see above).

"Help! I'm stranded!"   

The scam:    A friend of yours is on vacation and got stranded. They need you to wire them some money, fast!

What the scammer wants:    For you to send them some money.

Additional clues that it’s a scam:    This one can be tougher to spot. Typically, the scammer has hacked your friend’s email account and sent this “emergency” email to your friend’s contact list. The sender email address will be legitimate. The salutation might even be personal (“Dear Joe”) but is the email really from your friend?

Actions you can take:    Before you do anything else, stop and do a reality check.

  • Pick up the phone and call your friend. If you can’t get a hold of them, try contacting mutual friends.

  • Ask yourself the following questions:

    • The email probably says they are desperate and don’t know where else to turn, but do the two of you have the sort of relationship where they would turn to you for such a request?

    • Did they say anything to you earlier about taking a trip?

    • What’s the likelihood of your friend being in the situation the email claims they are in, of doing whatever the email claims they have done?

    • Does it sound like your friend?

  • Unless you can contact your friend or a reliable mutual friend by some method other than email, you should probably assume it's a scam. Report it as My friend's been hacked (see above).

"If you (don’t) forward this email, something (bad) good will happen!"   

The scam:    Forward this email and Microsoft will send you $500! Forward this petition to keep Outlook.com a free service! Warn all your friends about this scary computer virus!

What the spammer wants:    To watch their hoax go viral and brag to their spammer friends.

Actions you can take:   

  • If it’s about a computer virus or other security threat, go to the website for your antivirus software and look at the latest threat info.

  • Go to a hoax-debunking website like snopes.com and search on the email’s subject.

  • Report the email as Junk (see above).

Spoofing, or receiving an email from yourself

If you receive an email message from yourself and you know you didn't send the message, you can report this email and then delete it. Spammers can use a technique called "spoofing" to try to trick you into thinking the message is safe to open.

For more information

To learn more about email and web scams, see the Microsoft Safety & Security Center.

Was this information helpful?

Great! Any other feedback?

How can we improve it?

Thank you for your feedback!

×