Is this OneDrive document phishing a scam?

If you clicked a link: Close the page; don't enter login, codes, or card details.If you entered credentials, change them and enable app-based 2FA.Watch for follow-up 'security' messages - they're part of the scam.

If you paid: Contact your bank or card provider immediately to stop or reverse the payment.Keep evidence (screenshots, references) and report it to your cybercrime authority.Don't pay anything further to 'fix', 'refund', or 'recover'.

If you shared a code, OTP, or login: Never share a one-time code, even with 'support' or a familiar-sounding caller.If you shared one, secure that account and enable app-based 2FA now.Tell your bank if the code related to a payment or banking login.

If you only clicked the link but entered nothing: close the page, don't enter anything, and watch the linked accounts for unusual activity. Full steps →

If you entered card details: contact your bank now to freeze the card and dispute charges, then watch your statement. Full steps →

If you shared an OTP or one-time code: the scammer may be logging in right now - change the password, sign out other sessions, and turn on app-based 2FA. Full steps →

If you sent money: contact your bank or payment provider immediately to try to stop or recall it, and report it. Full steps →

If you installed an app / gave remote access: disconnect from the internet, uninstall it, and change key passwords from a different, trusted device. Full steps →

If you shared passport, ID, or KYC documents: watch for identity theft, consider a credit freeze or fraud alert, and keep the evidence. Full steps →