- \n
- You are logging in with a device that you have never used before<\/li>\n
- Your location is significantly different from where you usually log in<\/li>\n
- You are giving the application or software access to your account<\/li>\n
- You are logging in from an unknown IP address<\/li>\n<\/ul>\n
Suppose you have not done any of the above but received a security warning. In that case, spammers sent you this email and it may contain a phishing link<\/a>. Alternatively, that could be the message which shows that someone attempted to log into your account and triggered the system.<\/p>\n
![\"Genuine](\"https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2022\/10\/935f9b8f-9d8d-4923-99fa-e575b84b2d7b.png\" "\\"\\"")
This is what the original letter from Microsoft looks like<\/figcaption><\/figure>\n What should I do if I get mail about Microsoft’s unusual sign-in activity?<\/h2>\n
So, if this email from Microsoft were genuine, the system will block the login attempt, especially if it is a new device. To continue, you must follow the instructions on the login page to enter a security code, which will be sent to your phone or in another way you specified when you registered. Without the security code, you will not have access to your Microsoft account. This measure is made to prevent the crooks from account hijacking.<\/p>\n
How can I spot a Microsoft account scam?<\/h2>\n
The following tips will help you learn to distinguish phishing emails from genuine emails. The main thing is not to give in to emotions and haste. Why phishing is still the most common cyber attack<\/a>?<\/p>\n
Check the sender<\/h3>\n
No matter how hard scammers try to copy<\/a> Microsoft’s email format, they cannot spoof an official email address<\/strong>. To verify the authenticity of the alert, check the sender’s address. For example, the official email address for the Microsoft customer care team is account-security-noreply@accountprotection.microsoft.com<\/strong>. Make sure each letter in the address is correct, as a hacker may use similar addresses with slight differences. If the email is different, know it is a fake email trying to lure you in.<\/p>\n
![\"Phishing](\"https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2022\/10\/Outlook.com-Microsoft-Team-Phishing-Attack-1.jpg\" "\\"\\"")
One of the many phishing senders<\/figcaption><\/figure>\n Investigate the message format<\/h3>\n
Hackers sending spoofed emails with phishing warnings mostly count on people’s fear and vulnerability<\/a>. Consequently, they may miss some trivialities in the format of the messages. For example, a popular Microsoft email with spam about unusual login activities was sent by users who signed like Microsoft Security Essentials or Microsoft Team Office Center. This format is so sloppily written that a cursory analysis will show you that it is a fake. Microsoft’s account team always uses the original email about unusual login activity.<\/p>\n
![\"Microsoft](\"\/blogs\/wp-content\/uploads\/2022\/07\/env02.webp\" "\\"\\"")
<\/a><\/p>\nMicrosoft Security Essentials, written in the fake email, is the name of the built-in security features in older Windows operating systems. Also, Microsoft Teams is a product with nothing to do with the Microsoft Team Office Center. Therefore, it is essential to carefully examine your email to look for red flags<\/a> indicating that the email is fake.<\/p>\n
Note where the link takes you<\/h3>\n
Most phishing emails have a link or button, usually marked “View recent activity”. If you click on this link, you will be taken to a fake Microsoft login page. Note the address. The original Microsoft login address is login.live.com<\/strong>. If your weblink differs from this one, it’s probably a fake. Alternatively, those links could lead you to the token hijacking page – visiting such a site instantly transfers the session tokens to crooks. Therefore, before clicking it, it is better to check it up through the Incognito mode or the other browser which does not have a Microsoft account authentication.<\/p>\n
![\"Check](\"https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2022\/10\/Outlook.com-Microsoft-Team-Phishing-Attack-2.jpg\" "\\"\\"")
To understand where a link leads, you need to put the cursor on it and not move it for a couple of seconds<\/figcaption><\/figure>\n What to do when I get a spam email?<\/h2>\n
Do not enter your detail<\/h3>\n
If you realized it was a spam email before you clicked on the link, you only have to delete or ignore it (it will be deleted from the spam folder after 30 days). However, if you understand it only after clicking on the link, do not enter any of your data under any circumstances. This is especially important if you get to the login page, which requires your Microsoft account password. Unfortunately, with the aforementioned case of token hijack, you will barely be able to detect something. That\u2019s why we suggest you to avoid clicking the link and proving that the message is fake in the other way.<\/p>\n
Check the Microsoft recent activity page<\/h3>\n
If you have not performed any unusual login actions but received a warning, log in to your Microsoft account manually from the official site<\/a>. Then check your recent login activity to ensure that no unauthorized person has tried logging in to your account. Still, if you\u2019ve received a genuine message and someone tried to log in – you will not lose a thing, as the system has blocked the attempt.<\/p>\n
![\"Login](\"https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2022\/10\/recent-activities.webp\" "\\"\\"")
Any login attempts to your account will be displayed here<\/figcaption><\/figure>\n Contact Microsoft<\/h3>\n