• Facebook
• LinkedIn
• WhatsApp
• X
• ShareCopied to clipboard

Email scams are nothing new, but over the last few months we’ve seen a sharp rise in fake Microsoft 365 invoices, DocuSign requests, and “final notice” payment emails landing in inboxes across our clients in East Yorkshire. Some of them look incredibly convincing, correct branding, real names, even genuine-looking invoice numbers.

And that’s what makes them dangerous.

These scams work because they target busy people. Someone in accounts, a receptionist trying to get through emails quickly, or a business owner replying between meetings. One click is all it takes to expose passwords, hand over financial access, or install malware silently in the background.

The good news is that once you know what to look for, these emails become far easier to spot.

---

1. Why Microsoft 365 and DocuSign scams are increasing

Two simple reasons:

1) They look trustworthy

Everyone knows Microsoft. Everyone trusts DocuSign. So scammers use them to sneak under the radar.

2) Most businesses do have subscriptions or use e-signatures

Which means these emails don’t feel out of place.
A fake “Microsoft 365 Renewal” or “Your DocuSign Document is Ready” blends perfectly into a normal working day.

And the scammers know it.

---

2. The common signs of a fake email (even the convincing ones)

Here are the red flags we’re seeing time and time again when supporting customers.

1) The sender address is slightly off

Scammers love small changes:

• @micr0soft-support.com
• @docusiqn.net
• @outlook-security-mail.com

It looks right at first glance, and that’s the trick.

2) Unexpected urgency

Phrases like:

• “Your account will be suspended in 24 hours.”
• “Final renewal notice – immediate payment required.”
• “Please sign this document today to avoid delay.”

Legitimate companies rarely use threats or pressure tactics.

3) Links that don’t go where they claim

Hover your mouse over the link (don’t click):
If the preview shows a strange website, a long string of letters, or anything that’s not an official domain, it’s a scam.

4) Slight spelling or formatting mistakes

Scammers are getting better, but little tells still slip through, wrong spacing, odd wording, USA-style dates.

5) Attachments without explanation

PDF invoices, ZIP files, or Word documents labelled things like “Billing Statement” or “Outstanding Invoice.”
Microsoft and DocuSign rarely send unsolicited attachments, that alone is a warning sign.

---

3. What to do if you think an email looks suspicious

Step 1: Don’t click anything

No links, no attachments. Even previewing a file can be enough to start trouble.

Step 2: Check with the real source

• Call Microsoft 365 support
• Log in to your own Microsoft admin portal
• Ring the colleague or supplier directly
  Don’t use the phone numbers in the email, scammers include fake ones.

Step 3: Screenshot the email and delete it

If you’re unsure, send a screenshot to us at System Plus and we’ll confirm it.
Never forward the original email as it could spread the threat.

Step 4: Report it

In Outlook, click Report Phishing. This helps Microsoft block similar attempts.

---

4. Best practices every business should follow (non-technical and simple)

1) Enable Multi-Factor Authentication (MFA)

This alone stops the majority of account compromises, even if a scammer gets your password.

2) Use strong, unique passwords

Password123 won’t cut it.
Passphrases (like “ThreeGreenHorsesEatingCake!”) are far stronger and easier to remember.

3) Train staff to pause before clicking

A 3-second rule:
Look at the sender. Look at the link. Ask yourself if it feels right.

4) Keep Microsoft 365 up to date

Microsoft continually adds new filtering and warning features, but outdated accounts miss out.

5) Never pay an invoice from an email alone

Always verify through:

• your supplier portal
• your accounts system
• a known phone number
• or your internal process

Invoice fraud is becoming more common than virus infections.

---

5. What System Plus is seeing locally

Across Pocklington, York, Hull and surrounding areas, we’ve helped customers deal with:

• Fake Microsoft 365 licence renewals
• Fake domain expiry notices
• Fake DocuSign HR documents
• Fake payroll and invoice PDFs
• Fake “You’ve been locked out of your account” alerts

Most were caught just in time. A few weren’t, and the clean-up takes much longer than people expect.

---

6. How System Plus can help

We offer practical, human-friendly support:

• Checking suspicious emails
• Enabling MFA and secure sign-in
• Improving spam filtering
• Setting up safe sender and blocked sender lists
• Security awareness training
• Helping you create simple in-house rules for verifying invoices and DocuSign forms

If you want peace of mind, we’re happy to have a chat, no jargon, just clear advice.

---

Final thoughts

Email scams aren’t going away. In fact, they’re getting smoother, more professional-looking, and harder for the average worker to spot.

But with a few simple habits and a bit of awareness, your team can stop the majority of threats before they cause damage. And if you ever feel unsure, send it our way, better safe than sorry.