“Your Microsoft Outlook Email Client Is Outdated” Scam

This phishing scam impersonates Microsoft Outlook and attempts to steal email login credentials through a fake update notification. Clicking the embedded link can expose your mailbox, passwords, financial accounts, and personal data to cybercriminals.

Threat Summary

Category	Details
Threat Type	Phishing Scam / Credential Theft
Associated Email	Fake “Microsoft Outlook Notification”
Detection Names	Phishing.EmailScam, Outlook Credential Phish, Fake Outlook Update Scam
Symptoms	Fake Outlook update warnings, credential requests, suspicious login pages, unauthorized account access
Damage & Distribution	Account takeover, identity theft, financial fraud, distributed via spam emails and malicious links
Danger Level	High
Removal Tool	SpyHunter

The scam email claims your Outlook client is outdated and warns that your emails, contacts, calendars, and meetings could be lost unless you “update” immediately. Instead of directing users to legitimate Microsoft services, the message redirects victims to a fraudulent phishing page hosted on a suspicious third-party domain.

Cybercriminals designed the fake page to imitate real email providers. Victims using Gmail may see a fake Gmail login screen, while Outlook or other providers receive cloned versions of their own sign-in portals. Any credentials entered are immediately transmitted to attackers.

How “Your Microsoft Outlook Email Client Is Outdated” Tricks Users

The phishing campaign relies heavily on urgency and fear. The email claims your mailbox may stop working or lose data unless immediate action is taken.

Common red flags include:

• Generic greetings like “Dear User”
• Pressure to act immediately
• Suspicious update buttons
• Third-party domains unrelated to Microsoft
• Claims about data loss or account deactivation
• Poor grammar or inconsistent branding

Microsoft does not send Outlook software update notices through random external domains. Legitimate updates come through official Microsoft applications or the Windows update system.

Security researchers identified one of the malicious domains associated with the campaign as okamotoyuge-seikotsuin[.]com.

Full Text of the “Your Microsoft Outlook Email Client Is Outdated” Message

Below is a recreated version of the phishing message observed in the campaign:

Subject: Microsoft Outlook security notification

Your Microsoft Outlook Email client is outdated.

To prevent loss of important data including Emails, Contacts, Calendar and Meetings, please update to the latest version of Microsoft Outlook using the button below.

[Update Microsoft Outlook]

The message often includes Microsoft branding to appear legitimate. The fake “Update Microsoft Outlook” button redirects users to a credential harvesting website instead of any real Microsoft service.

What Happens If You Fall for “Your Microsoft Outlook Email Client Is Outdated”

Entering credentials on the phishing site can lead to immediate account compromise.

Attackers commonly use stolen email accounts to:

• Reset passwords for banking and shopping accounts
• Send phishing emails to your contacts
• Steal saved cloud data
• Access financial records and invoices
• Commit identity theft
• Launch business email compromise attacks

Compromised business mailboxes are especially valuable because they can be abused for invoice fraud and wire transfer scams.

If you already entered your password:

1. Change your email password immediately
2. Enable multi-factor authentication (MFA)
3. Change passwords for linked services
4. Review mailbox forwarding rules
5. Check recent login activity
6. Scan your device for malware
7. Contact your bank if financial information was exposed

Many users panic after receiving Outlook-related phishing or extortion emails, especially when fake drafts or spoofed messages appear in their mailbox. In most cases, attackers rely on fear tactics rather than actual device compromise.

Conclusion

The “Your Microsoft Outlook Email Client Is Outdated” scam is a credential phishing attack disguised as a Microsoft security alert. Its goal is simple: steal your email login details and use them for further fraud, identity theft, and account takeovers.

Never trust urgent Outlook update emails that redirect you to unfamiliar domains. If you need to update Outlook, do it directly through official Microsoft software or the Microsoft website.

Deleting the email without interacting with links or attachments is the safest option. If you already clicked the link or entered credentials, secure your accounts immediately and run a full malware scan.

Manual Removal Guide: How to Identify and Remove Email Scams Yourself

Step 1: Recognizing Scam Emails

Before taking action, learn to identify email scams. Some common red flags include:

• Unknown Sender: Emails from unfamiliar addresses, especially if they claim to be from banks, tech support, or government agencies.
• Urgent or Threatening Language: Messages pressuring you to act quickly (e.g., “Your account will be suspended!”).
• Poor Grammar & Spelling Mistakes: Many scam emails contain grammatical errors.
• Suspicious Links or Attachments: Hover over links to check if they lead to an unusual website before clicking.
• Requests for Personal or Financial Information: Legitimate companies will never ask for sensitive details via email.

Step 2: Avoid Interacting with Scam Emails

If an email appears suspicious:

• Do NOT click on any links.
• Do NOT download attachments.
• Do NOT reply to the sender.

Step 3: Report the Email Scam

Reporting scam emails helps prevent others from falling victim to them:

• Gmail/Outlook/Yahoo Users: Click “Report Phishing” or “Report Spam” in your email client.
• FTC (U.S. users): Report scams to the FTC Complaint Assistant.
• Google Safe Browsing: Report phishing sites at Google’s Phishing Report.

Step 4: Block the Sender

To prevent further scam emails from the same sender:

• Gmail: Open the email, click the three dots, and select “Block [Sender Name]”.
• Outlook: Open the email, select “Junk” > “Block Sender”.
• Yahoo Mail: Click “More” > “Block Sender”.

Step 5: Check Your Accounts for Compromise

If you’ve interacted with a scam email:

• Change your passwords immediately. Use strong, unique passwords.
• Enable Two-Factor Authentication (2FA). Adds an extra security layer.
• Monitor your banking transactions for suspicious activity.

Step 6: Scan Your Device for Malware

If you accidentally clicked a link or downloaded a file, scan your system for malware:

• Windows Users (Windows Defender)
  • Go to Settings > Update & Security > Windows Security > Virus & Threat Protection.
  • Click “Quick Scan” or “Full Scan”.
• Mac Users
  • Use security software like Malwarebytes for Mac to scan for threats.

Step 7: Strengthen Email Security

• Enable spam filtering in your email provider’s settings.
• Use a third-party spam filter such as Spamihilator or Mailwasher.
• Stay educated on phishing techniques to avoid falling for scams in the future.

---

SpyHunter Removal Guide: Automated Solution for Email Scam Threats

SpyHunter is a powerful anti-malware tool designed to detect and remove phishing-related threats, Trojans, spyware, and other cyber threats. If you prefer a quick and automated solution, follow these steps:

Step 1: Download SpyHunter

1. Visit the official SpyHunter download page: Download SpyHunter
2. Click “Download” and save the file.

Step 2: Install SpyHunter

1. Open the downloaded file (SpyHunter-Installer.exe).
2. Follow the on-screen installation instructions.
3. Once installed, launch SpyHunter.

Step 3: Perform a Full System Scan

1. Open SpyHunter and go to “Malware/PC Scan”.
2. Click “Start Scan Now” to begin scanning.
3. SpyHunter will detect threats linked to email scams.

Step 4: Review and Remove Detected Threats

1. After the scan completes, SpyHunter will display a list of detected threats.
2. Click "Fix Threats" to remove them.
3. Restart your computer after removal.

Step 5: Enable Real-Time Protection

• Activate SpyHunter’s Active Guards for real-time malware protection.
• Schedule regular system scans for ongoing security.

Step 6: Keep SpyHunter Updated

• Regularly update SpyHunter to detect new threats.
• To update, go to "Settings" > "Update" and click "Check for Updates".

---

How to Prevent Future Email Scams

To avoid falling for email scams in the future, follow these precautions:

Use a Secure Email Provider

Consider using encrypted email services like ProtonMail or Tutanota for enhanced security.

Avoid Clicking Suspicious Links

Always verify links before clicking by hovering over them to see the actual URL.

Use a VPN on Public Wi-Fi

Scammers can intercept your data on public networks. Use a VPN for secure browsing.

Regularly Change Your Passwords

Use a password manager to generate and store secure passwords.

Install Anti-Phishing Browser Extensions

Use security extensions like Bitdefender TrafficLight or Avast Online Security to detect phishing attempts.

---

Email scams pose a significant risk to personal and financial security. By following this manual removal guide, you can effectively identify and remove scam emails. For those seeking a fast and automated approach, SpyHunter provides a reliable solution to detect and remove email scam-related threats.

Take Action Now

Protect your device from scam-related malware with SpyHunter: Download SpyHunter