The company recently posted a related warning on its Windows Security blog. From that post:
The said spam emails use social engineering techniques — spoofing brands, pretending to be legitimate communications, disguising malicious URLs — employed by phishers to get recipients to click suspicious links … However, instead of pointing to phishing sites designed to steal credentials, the links lead to tech support scam websites, which use various scare tactics to trick users into calling hotlines and paying for unnecessary "technical support services" that supposedly fix contrived device, platform, or software problems.
The concept isn't new, but the means (getting people to panic and pursue tech support) to the end (stealing innocent victims' money) is slightly different.
People who use Microsoft Exchange Online Protection (EOP) for Office 365 and Outlook.com are protected from the ploy, because anti-spam filters in those products identified characteristics of phishing emails and blocked the dangerous messages, according to Microsoft. And the company's Edge browser can also block pop-up boxes and or dialog loops created by tech support scam websites, Microsoft says.
The company also says three million online users encounter tech support scams every month, though these new phishing-type ploys appear to be new and could increase that number.
