This looks legit from Microsoft?

[Craig234]

I previously mentioned getting a lot of 'someone tried to log into your account' messages from all over the world, that appear to be legitimate; today, I got a new one.


Microsoft account team <account-security-noreply@accountprotection.microsoft.com>
Sun 2/16/2020 2:11 AM

• You



Microsoft account

Security info replacement

Someone started a process to replace all of the security info for the Microsoft account...

If this was you, click the button below to bypass the waiting period by using your existing security info.

This was me

If this wasn't you, someone else might be trying to take over ... Click here and we'll help you protect this account.

If you don't recognize the Microsoft account ... you can click here to remove your email address from that account.

Thanks,

The Microsoft account team

When I click on the 'click here', it wants me to enter my password. I haven't yet, but it looks legitimate... just thought I'd run this by the forum. The text seems to suggest it will allow someone to 'replace all the security info' after a waiting period??

 

[sandorski]

I got a phone call recently saying my Social Insurance Number(CDN equivalent of a Social Security Number)was being suspended due to suspicious activity. I hung up and went on with my life.

 

[pcgeek11]

Any link in an e-mail that asked for your password or security information should be ignored. PERIOD.

If you give it out you will get what you asked for.

Go to your account and change the password and security information on your own. Better yet use dual authentication if available.

 

[balloonshark]

I agree with pcgeek. Never ever click on an email link requesting personal or account information. Always go directly to the source and log in then check everything out. The same goes for phone calls.

 

[daveybrat]

Beware of Fake Microsoft Account Unusual Sign-in Activity Emails

In this article we take a look at a phishing campaign that pretends to be an "Unusual sign-in activity" alertfrom Microsoft that could easily trick someone into clicking on the enclosed link.

www.bleepingcomputer.com

 

[Craig234]

Some e-mails are legit. My credit cards can send e-mails saying 'to see your statement, click here' leading to a login. Usually the links (you see when you mouse over) are the giveaway, they don't even try usually. You see that in the article daveybrat posted.

The link in this e-mail goes to "https://account.live.com/Proofs/Manage?mkt=EN-US", which looks legitimate. Any better info than just general 'be careful, don't trust links'?

 

[Craig234]

Since daveybrat posted specifically about it, here's one of the many recent 'unusual sign-in' e-mails.

Microsoft account team <account-security-noreply@accountprotection.microsoft.com>
Fri 2/14/2020 4:39 PM

• You



Microsoft account

Verify your account

We detected something unusual about a recent sign-in for the Microsoft account ... For example, you might be signing in from a new location, device, or app.

To help keep you safe, we've blocked access to your inbox, contacts list, and calendar for that sign-in. Please review your recent activity and we'll help you secure your account. To regain access, you'll need to confirm that the recent activity was yours.

Review recent activity

Thanks,

The Microsoft account team

Unlike the link in his article, the link in this e-mail goes to "account.microsoft.com/activity", so it looks legit.

 

[VirtualLarry]

You do realize that those links that they show in the browser when you hover over, can be faked by JavaScript, right?

 

[balloonshark]

When I get legit emails of tracking info from Amazon I always go directly to Amazon and sign in and find the tracking info myself or I sign in and then click on the link in the email just in case it's fake. I'll say it again. Never click on a link in an email and log in and/or give out personal or financial information. I also do the same with deal links posted here and on slickdeals.

 

[Craig234]

You do realize that those links that they show in the browser when you hover over, can be faked by JavaScript, right?

Hadn't seen that. Guess they aren't very good usually. Wonder if hitting 'reply' and seeing who it goes to is a good test - or anything else.

 

[pcgeek11]

Some e-mails are legit. My credit cards can send e-mails saying 'to see your statement, click here' leading to a login. Usually the links (you see when you mouse over) are the giveaway, they don't even try usually. You see that in the article daveybrat posted.

The link in this e-mail goes to "https://account.live.com/Proofs/Manage?mkt=EN-US", which looks legitimate. Any better info than just general 'be careful, don't trust links'?

We are trying to give you sound advice. Don't click on a link and give out your information.
Go to your Microsoft Account by manually entering the information instead of clicking the link in the email.

Don't answer either. They may be just fishing to see if you are a valid e-mail address...

Ignore it and delete it.

 

[Craig234]

Assuming these are phishing; it's good to try to find more, better ways to tell which are real, though.

 

[pcgeek11]

Assuming these are phishing; it's good to try to find more, better ways to tell which are real, though.

Well I guess you could just click on all the links etc and find out for sure.

Make sure you post up the results when you get your PC recovered from the infection.

 

[balloonshark]

If it something security related and really looks legit and you can't find anything when you go directly to the site you can always contact the company directly to find out if they sent you an email. It's better to be safe than sorry.

 

[Craig234]

If it something security related and really looks legit and you can't find anything when you go directly to the site you can always contact the company directly to find out if they sent you an email. It's better to be safe than sorry.

Yup. But trying to get a response from Microsoft... ugh.

 

[balloonshark]

Yup. But trying to get a response from Microsoft... ugh.

I've had really good luck with contacting them about my Microsoft Rewards issues. Of course your issue is security related so it might be a little more complicated so YMMV.

 

[Batmeat]

Seeing how accountprotection.microsoft.com doesn’t exist.....scam

 

[balloonshark]

Just got a scary email from "Apple" with the title "Your Apple was disabled." from Αρplе Support <no-reply-msgmgczscg5fff9zz55 at dpkmppi.service.xpze4lhlinyh.mnyrz>

Dear xxx at email.com,

Your account Apple ID has been access from another devices.
For security reason we have locked your account.
Please verify your Apple ID account within 24 hours, If no verification is performed we will delete your account completely.
Click verification button below to verify your account.

(Then there is a verification button and when I hover over it the url is https://www dot linkedin dot com/slink?code=eu8bnNJ?auth_id=5zwGBmNj659O)​

Best Regards,
Apple support

Apple ID | Support | Privacy Policy (none of these are working links)
< support at apple.com>​

​

This email had a ton of red flags. No way I would click that verification link and enter my credentials. The email was from a shady address with a ton of random letters and numbers, it is wrote with broken English. The verification link goes to linkedin.com and none of the links at the end are actual working links. This is why it's best practice to go directly to apple.com and log in to see if there is an issue. If so you can connect apple directly from their site.

P.S. I modified the email and urls so they don't work.