York University and other organizations are experiencing an ongoing scam campaign leveraging an official Microsoft email address to send fraudulent order confirmations to users. The campaign abuses the official microsoft-noreply@microsoft.com email address to send fraudulent purchase notifications to York University's community. 

The objective of this scam is to get recipients to call the scammers' phone number in the email in an attempt to understand why they received the email or to get a refund. The scammers will purport to be Microsoft representatives and attempt to obtain sensitive information from the caller such as credit card details. Alternatively, the scammers may claim that the fraudulent order is a result of the caller's computer being hacked, and will request remote access to "remediate" the situation. If allowed access, the scammers will attempt to drain bank accounts, steal sensitive files, and/or deploy malware onto victims' computers.

A sample scam email is pictured below:

 

York University's Information Security team is aware of this email campaign and periodically purges instances of this scam that get past filtering.

If you receive such a scam email, please refrain from replying to it or calling the phone number within. Suspicious emails can be reported by clicking on the Report Phishing button or by forwarding them to phishing@yorku.ca.

If you have already called the scammers' phone number, please reach out to York University's Information Security team at infosec@yorku.ca with details about the interaction and any activities performed by the scammers.