Looking at the email there are some clues. First, the reply address, “AutoReply <email@example.com>”, is obviously not Microsoft. Next, if you hover your mouse over the link “Cancel deactivation”, you will see that the link takes you to a domain that is in “.io” instead of the “.com”. I am fairly sure that Microsoft will use one of their own domains. Thirdly, if you look toward the bottom of the email where it says “Sincerely, 2018 © Micro soft Data.”, in my opinion, the people at Microsoft know how to spell Microsoft.
The point here is, pay attention to the emails you receive. Don’t click on any links in an email without checking on the link, even if you know the person it is from. Look for obvious foibles that just should not be. One of the best security tools any company has is the common sense of their employees.
Roy M. McKenzie