Hearing Itinerant Tracy Mack forwarded me this email which immediately raised red flags for phishing and spam.

Originally, I believed that this was a very slick example of phishing.

Except… it’s not! It’s referring to a personal OneDrive account, not a CASE OneDrive account, and Microsoft does indeed have a policy of freezing, and then deleting accounts that have gone unused for 2 years.

Here are the signs that this could actually be a legit email:

  • The “From” field includes an address that is “onedrive.com” which is a legitimate address. (A scam email might slip in another word before the .com, like “onedrive.freescam.com”
  • There are no misspellings or grammatical errors.
  • When I placed the mouse cursor over the links, the bottom of my browser reveals what URL address they go to. In this case, they all also go to onedrive.com. It would be very difficult for the bad guys to put scam webpages on Microsoft’s own servers.
  • Googling “OneDrive” and “Your account will be deleted” brings up a Microsoft support page explaining that these messages are legitimate. Link. Note that the responder is listed as a “Moderator” indicating that they are a Microsoft employee.

So I might question the way Microsoft communicates this issue but it is not scam.