A core value at Microsoft is user confusion. Keeping their users in the dark and avoiding best practices makes a massive difference when designing systems for people to use at home and work. This is why Microsoft has chosen to begin blocking content in their own emails on Outlook.com.
This way a phishing email from a spammer looks exactly the same as an official communication from Microsoft. Both emails will come through as a garble of HTML and terrible formatting; a result of every image missing. They won’t block or scan links though. Those will be fully clickable.
The Outlook.com team details in a blog post, there were several different ideas of how to make phishing harder to spot. Hiding the domain of the email sender, a terrible junk filter, and making sure all emails enter the inbox looking the same. These are just a few ways users of Outlook.com will know the team really has been taking their time with design a dangerous way to communicate over email.
I work as an engineer in Milwaukee. Currently I work on a few different UWP apps primarily Ink Calendar.