The AI platform found many common features with other phishing
After analyzing a reader's suspicious "Microsoft 365" email, ChatGPT concluded it was "very likely a phishing scam" with 9899% confidence, citing multiple warning signs common to credential-stealing attacks.
The analysis highlighted scare tactics about account deactivation, vague language, a prominent "Verify Here" button, and an unrelated construction company disclaimerall hallmarks of phishing emails rather than legitimate Microsoft communications.
ChatGPT determined the verification button did not lead to Microsoft but instead redirected through a Google Barbados URL to a suspicious third-party website, illustrating how AI can help consumers identify online before they click.
A reader forwarded an email they received that they thought was suspicious. The email claimed to be from Microsoft 365 and warned the recipients email address, which was listed in the body of the text, was about to be deactivated.
We agreed it looked sketchy, but decided to have ChatGPT analyze it. We copied the text and asked the platform to render an opinion.
Based on what you've shared, I would rate this email as very likely a phishing scam (9899% confidence), ChatGPT responded.
Red flags
It pointed to several red flags, noting that several characteristics were consistent with Microsoft 365 phishing campaigns. For example, it tried to create a sense of urgency by warning an email account was about to be taken down.
Microsoft 365 does not typically send generic emails threatening immediate deactivation simply because an account is inactive," the analysis said. Legitimate notices usually include specific information about the tenant, administrator, subscription, or service changes.
The message also used very generic language. It never identified:
Your Microsoft 365 tenant
Your organization
Your administrator
Any specific reason for deactivation
Instead, it uses a vague statement designed to make recipients click. The body of the email also contained a verify here button.
Nearly all Microsoft account phishing campaigns rely on a prominent verification button that leads to a credential harvesting page or an OAuth consent screen, the analysis said. Microsoft specifically advises users not to follow email links when uncertain, but instead log into their account directly.
A strange footer
The email contains many other strange red flags, including a footer belonging to a construction company in Melbourne, Fla. So, where did the email actually come from?
ChatGPT was able to confirm that the link connected to the verify here button is not a Microsoft link. The destination is actually a Google Barbados (google.bs) address as an intermediate redirect to send you to another website.
The analysis gave us the URL of the website, but we arent including it because it is probably dangerous. But the lesson is clear: AI platforms can be useful tools for consumers who are trying to avoid a scam.
Posted: 2026-07-08 14:16:48
















