Share via

Is this a scam/phishing email? I don't recall signing up for

JCK_CPA_MS 0 Reputation points
2025-11-06T17:43:24.3233333+00:00

from: Microsoft Surface ******@email.microsoft.com

reply-to: MSSFB@microsoft.com

to: ******@myself.eye

date: Nov 6, 2025, 6:07 AM

subject: Thanks for registering for this Microsoft webinar

mailed-by: bounce4.email.microsoft.com

signed-by: email.microsoft.com

security: Standard encryption (TLS)

Microsoft Surface https://www.microsoft.com/surface/business

Endpoint Security in a World of Anywhere Work

Join industry experts in the "Endpoint Security in a World of Anywhere Work" webinar to examine endpoint threats and explore device solutions.

Watch now https://emails.microsoft.com/dc/...

Thanks for registering for this on-demand webinar.

Surface | Other
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2025-11-06T17:43:59.7433333+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    To determine if the email you received is a phishing scam, consider the following points:

    1. Sender's Email Address: Check if the sender's email address is from a legitimate Microsoft domain. Emails from Microsoft support typically come from domains like microsoft.com, microsoftsupport.com, or mail.support.microsoft.com. If the email is from a different domain, it may be a phishing attempt.
    2. Content of the Email: Look for inconsistencies in the email content, such as typos, outdated logos, or requests for personal information that legitimate emails would not ask for.
    3. Registration Confirmation: If you do not recall signing up for the webinar, this could be a red flag. Legitimate companies usually provide a way to verify your registration.
    4. Links in the Email: Hover over any links in the email without clicking them to see if they lead to legitimate Microsoft websites. Be cautious of shortened URLs or links that do not match the expected domain.
    5. Security Features: The email mentions standard encryption (TLS), which is a good sign, but it is not definitive proof of legitimacy.

    If you suspect the email is a phishing scam, do not click on any links or provide any personal information. You can report the email to Microsoft for further investigation.

    References:

    0 comments
  2. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

    Comments have been turned off. Learn more

  3. Barb Bowman 80,355 Reputation points MVP Volunteer Moderator
    2025-11-06T21:08:45.4533333+00:00

    I'd have to see the full header, but if YOU substituted me myself eye for your email, it could be legit. I registered and the header looks like thus (I edited my email address for privacy)

    Delivered-To: ******@gmail.com

    Received: by 2002:a17:906:7c47:b0:b72:7c5b:a97e with SMTP id g7csp1219594ejp;

        Thu, 6 Nov 2025 12:58:33 -0800 (PST)
```X-Google-Smtp-Source: AGHT+IEXYEepuJJkaQqeHk2IcJGygXrKkVuk+yEqBNG/Wrne1FvTPfAX1hJ8YKFleJo0YYda3XIj

X-Received: by 2002:a05:6a20:a10e:b0:34e:409e:eea3 with SMTP id adf61e73a8af0-35229c47631mr1193692637.30.1762462712939;

```sql
    Thu, 06 Nov 2025 12:58:32 -0800 (PST)
```ARC-Seal: i=1; a=rsa-sha256; t=1762462712; cv=none;

```powershell
    d=google.com; s=arc-20240605;

    b=hVa7wewUZX7B1+BPMGimuUUCh3y5hyCy7Lpg/ZOvXZjncP+2Bvtr1u5f5fQeNvUXkx

     vssiRDgKyRSrkLqmOV8NKX9VM8EL1b1Ltvh62ZICy2PBO5ZSC+sra7bhHJi4aBBum2JK

     VFy4xmWHKq+3l9rf+ykUgDphDHQWN2U+TXUu/mDWdNR5kPox5yPBdejcRcwiLcdI3V7u

     oLLV067jGVm8zLBEZ2/BjWgEB2OVN6tIU7qdwfKSZskbQ3Bb2cVbPA4BIqZKcFRMhJXM

     M9kwC1lh0kraWn1ITtL/v3DuF5e+7ttQdUBx4ompB2qnAckrIQQ2wy60jjb5DPRMQg2/

     0T3g==
```ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

```ruby
    h=mime-version:subject:message-id:to:reply-to:from:date

     :dkim-signature:dkim-signature;

    bh=H5iuXYfI9ZZDTktqixZUxYu4EXmwrRBeerWr/9YoCAE=;

    fh=8JJ21sGZQzSnYCo7vNjAreV0uG8m89LqOpVbE/YjryE=;

    b=f2AHss0v8WJ8SH0ZIpxLoLwvUAmLMNV5B4OjueCx9fKHAxJt9rm/pMMl7jXMQNqX0Q

     4QMRHMp1+QTlZuICBDSHmJ0ta2czStX/XIb22JA2ueUQOp84rQMsrrHqMI4UIQ0LcGXL

     pRsdjlqjO94KOn2PuyMSzw3AXOwMiCSSfnSpls61vuv9fc5ealMs2JizU1tU+NOH8e8O

     OvBlj98uwe/OIz6l6NdJcOkBZdXY26Iv97G9QLWk0KNDFj06swz1W70HI7BQrXTcVjfE

     K734vWWOhRx9zZJ6Fz9zYAT/na9N4MTD42HFen3uksgy26ajnGjpYlwdEJSAR0XwX5CE

     jZrA==;

    dara=google.com
```ARC-Authentication-Results: i=1; mx.google.com;

```ruby
   dkim=pass header.i=@email.microsoft.com header.s=m1 header.b=cCR1RsVO;

   dkim=pass header.i=@mktdns.com header.s=m1 header.b="XlKUe/e3";

   spf=pass (google.com: domain of ******@bounce4.email.microsoft.com designates 199.15.214.202 as permitted sender) smtp.mailfrom=******@bounce4.email.microsoft.com;

   dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=microsoft.com
```Return-Path: <******@bounce4.email.microsoft.com>

Received: from bounce4.email.microsoft.com (bounce4.email.microsoft.com. [199.15.214.202])

```python
    by mx.google.com with ESMTPS id d2e1a72fcca58-7b0cc065091si326170b3a.389.2025.11.06.12.58.32

    for <******@gmail.com>

    (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);

    Thu, 06 Nov 2025 12:58:32 -0800 (PST)
```Received-SPF: pass (google.com: domain of ******@bounce4.email.microsoft.com designates 199.15.214.202 as permitted sender) client-ip=199.15.214.202;

Authentication-Results: mx.google.com;

```ruby
   dkim=pass header.i=@email.microsoft.com header.s=m1 header.b=cCR1RsVO;

   dkim=pass header.i=@mktdns.com header.s=m1 header.b="XlKUe/e3";

   spf=pass (google.com: domain of ******@bounce4.email.microsoft.com designates 199.15.214.202 as permitted sender) smtp.mailfrom=******@bounce4.email.microsoft.com;

   dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=microsoft.com
```X-MSFBL: Ms/LuCT8tNzwNoWV/cF3ZHY3F5MHR84KK1dWq8mJMDY=|eyJiIjoiZHZwLTE5OS0 xNS0yMTQtMjAyIiwiZyI6ImJnLXNqZC05MiIsInUiOiIxNTctR1FFLTM4MjowOjE 4MTQyMzU6NzczNzg5MjowOjE3MDUwMzI6OTo1NjA1NTQ5OjE2OTk2MjUwODMtMjk iLCJyIjoibXZwbm90aGFja2VkQGdtYWlsLmNvbSJ9

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1762462711; s=m1; d=email.microsoft.com; i=@email.microsoft.com; h=Content-Type:MIME-Version:Subject:To:From:Date; bh=H5iuXYfI9ZZDTktqixZUxYu4EXmwrRBeerWr/9YoCAE=; b=cCR1RsVO/Dse0wiGF8HkFkAs7/3ZVJEqlYNNNk3jtUK18h95q4zIVU3uwdkJkft4 7WcmmNtbejkvO5vuujXLG7O+/6p8f1pKVHUiiUGHq0GhtVHY9h8ylKc1GaF6trNGslB 4l5mKZU+QKvaLG9brRYVz8uTRh3c+s/JbIbLcDLI=

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1762462711; s=m1; d=mktdns.com; i=@mktdns.com; h=Content-Type:MIME-Version:Subject:To:From:Date; bh=H5iuXYfI9ZZDTktqixZUxYu4EXmwrRBeerWr/9YoCAE=; b=XlKUe/e3Gkdh+wLS+SpB/++K3OiPVjL/f29jt2KAKEyfHG3cB/mtpY17UWFnaCjV sTtild+y/9qA/IyFRKyIrZ5h0UwBvENT8UynegcWlrNwWwaay/POcoUc2WQLtmD1CCO mp47XpytjAEztstOo/2n9PHk/lD1c7OhNpfNY36g=

Date: Thu, 6 Nov 2025 14:58:31 -0600 (CST)

From: Microsoft Surface <******@email.microsoft.com>

Reply-To: MSSFB@microsoft.com

To: ******@gmail.com

Message-ID: <******@sjmktmail-trigger1e.marketo.org>

Subject: Thanks for registering for this Microsoft webinar

MIME-Version: 1.0

Content-Type: multipart/alternative; boundary="----=_Part_4064325_272361941.1762462711741"

X-Binding: bg-sjd-92

X-MarketoID: 157-GQE-382:0:1814235:7737892:0:1705032:9:5605549:1699625083-29

X-Mailfrom: ******@bounce4.email.microsoft.com

X-MktArchive: false

X-MSYS-API: {"options":{"open_tracking":false,"click_tracking":false}}

X-MktMailDKIM: true

------=_Part_4064325_272361941.1762462711741

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 7bit

Watch on demand: Endpoint Security in a World of Anywhere Work

Having trouble viewing this email?

<[[https://www.microsoft.com/surface/business]]>

Endpoint Security in a World of Anywhere Work

 

Join industry experts in the "Endpoint Security in a World of Anywhere Work" webinar to examine endpoint threats and explore device solutions.

Watch now <https://emails.microsoft.com/dc/zSgS2A6q0riGfHtfc6vB4o2EDiQ6lN3O6qiMomONyUJ-sZK3T-H6nByX0nz9Z6_g_VMS95HnGz63E9zneDuwmKfFb-lopLzQnxPUWrlzAx9lVp-bNB8sq_0up-sJMY2w9ZRisOqDYog7NMT7Z3bhzw==/MTU3LUdRRS0zODIAAAGd-e9vsabRv5vYSPRpWmfjPGPm8qbc3t76UhmclFPPnRsnnPaHC95qEW03JhAV0hpUA-fUPwo=>

Thanks for registering for this on-demand webinar.

Facebook <https://emails.microsoft.com/dc/uq3EykqQY7h0Yyhe2BWhMA54Y81E5aWaEXPp8hxWpKjq9dMvK3o5pSaej725LW-D/MTU3LUdRRS0zODIAAAGd-e9vsabRv5vYSPRpWmfjPGPm8qbc3t76UhmclFPPnRsnnPaHC95qEW03JhAV0hpUA-fUPwo=>

X<https://emails.microsoft.com/dc/u8oZOJAd-CVEcjoxZLybYz3sYyfSWi5Zi3JkhOwS8NuMMUVj-WozuLBFZvK9RF-B/MTU3LUdRRS0zODIAAAGd-e9vsabRv5vYSPRpWmfjPGPm8qbc3t76UhmclFPPnRsnnPaHC95qEW03JhAV0hpUA-fUPwo=>

YouTube <https://emails.microsoft.com/dc/M9Y3nowLDCcEv8uSbJAkaS8jXnpz8EOJlYKmt8qLKRSwTSHjRrrwa6GDShJfu5zs/MTU3LUdRRS0zODIAAAGd-e9vsabRv5vYSPRpWmfjPGPm8qbc3t76UhmclFPPnRsnnPaHC95qEW03JhAV0hpUA-fUPwo=>

LinkedIn <https://emails.microsoft.com/dc/fG5-PlwEnZR-IoSdwCtjIpTVr9AsJHNwc_srhy7U9rXQHbFSwJIYiPgCEE2-LTR4/MTU3LUdRRS0zODIAAAGd-e9vsabRv5vYSPRpWmfjPGPm8qbc3t76UhmclFPPnRsnnPaHC95qEW03JhAV0hpUA-fUPwo=>

Instagram <https://emails.microsoft.com/dc/WhZcq50CsoLLiaLsfDq43sVHzOlvTnpzPaSuzdE5W2pYlNXVnFtFcepu8J29jJdu/MTU3LUdRRS0zODIAAAGd-e9vsabRv5vYSPRpWmfjPGPm8qbc3t76UhmclFPPnRsnnPaHC95qEW03JhAV0hpUA-fUPwo=>

Pinterest <https://emails.microsoft.com/dc/0pJJ_y_ObF2UmNML1anXIuFIYrydk_UT6rms6XDaCoWqCmZpyxriGWtWZVVDXOmP/MTU3LUdRRS0zODIAAAGd-e9vsabRv5vYSPRpWmfjPGPm8qbc3t76UhmclFPPnRsnnPaHC95qEW03JhAV0hpUA-fUPwo=>

Copyright 2025 Microsoft Corporation. 

 Privacy Statement <https://emails.microsoft.com/MTU3LUdRRS0zODIAAAGd-e9vsQ5pkl-sRUTED51oOTvEf4PHuQXyESfmwwkknFuQJlBFKD--lWtmXfvT6IzZUtAfIR0=> 

Microsoft Corporation<br>One Microsoft Way<br>Redmond, WA 98052 

 <https://emails.microsoft.com/MTU3LUdRRS0zODIAAAGd-e9vsfN74n1hms2_7vBZz2bicTQY_gcINBHVAd-_pc4JyG0O8uskCXogig8IrHA2FYsXBjk=>
    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.