Hope everyone’s well and staying safe and sound. This community is really awesome and has helped me numerous times educating myself and becoming more vigilant. So, today, one of our users reported that they received an email stating their ‘Microsoft Office Passcode’ has expired and they must click a link to ‘Fix Password’. The user did not click the link and reported it to IT.
Now the question is what can I do about this? It seems that the domain from which the email was sent is either spoofed/hacked, not sure about this. Attaching the email screenshot for your reference.