The bad guys have crafted emails that spoof Office 365 and warn that your files are being “deleted”. They’re sending these emails to a great majority of Office 365 users.
If you click any links in the email you’re brought to a realistic-looking Office 365 login page, but the page is certainly not from Microsoft. If you enter your credentials here they’ll be stolen and sold to other criminals, or used to perform more complex attacks on your organization.
Remember, always hover over links to see where they’re taking you before clicking. Never click on links unless you’re certain the sender is legitimate. Whenever you get an email from an online service you use, log in to your account through your browser. Never click links in emails if you’re not sure whether the message is valid.
Stop, Look, and Think. Don’t be fooled.