A legitimate Microsoft email address, no-reply-powerbi@microsoft.com, is currently sending scam emails, misleading recipients into thinking they've been charged $399 for a transaction. This email, tied to Microsoft’s Power BI service, is supposed to send subscription emails to users who opt in. Microsoft had advised that customers add this address to their allow lists to avoid spam filters blocking it. However, scammers are now exploiting this trust to promote fraudulent activities. One victim reported receiving the scam email, which included a phone number for disputing the charge. When she called, the person on the line instructed her to download a remote access application, likely to take control of her computer. This method of deception has been corroborated by multiple reports from others who received similar emails. Notably, some of these reports have appeared on Microsoft's own website, indicating a broader issue. Sarah Sabotka, a threat researcher at Proofpoint, explained that the scammers are manipulating a Power BI feature allowing external email addresses to subscribe to reports. The mention of this subscription is subtly placed at the bottom of the email, making it easy to overlook. This tactic not only takes advantage of the legitimate email address but also the trust customers place in Microsoft.