Beware Of Fake Microsoft Account Unusual Sign-in Activity Emails

By   ISBuzz Team
Writer , Information Security Buzz | Aug 12, 2019 01:22 pm PST

According to Bleeping Computer, attackers are capitalizing on this by sending emails that pretend to be “Microsoft account unusual sign-in activity” alerts from Microsoft. When compared to the legitimate email notifications sent by Microsoft, they look almost identical with the same information fields and even the same sender address of account-security-noreply@accountprotection.microsoft.com“.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Corin Imai
Corin Imai , Senior Security Advisor
August 12, 2019 9:28 pm

The most successful campaigns in the phishing world are those which mange to create a ‘call to action’ while seeming totally out of the ordinary at the same time. Receiving unusual sign-in alerts is not an unlikely scenario, and people will be likely to respond to these promptly in order to keep their online accounts safe – particularly for online account such as Microsoft, which are likely to contain personal or sensitive information. The issue is further compounded when we look at the email address used in this phishing attack – [account-security-noreply@accountprotection.microsoft.com] – which does not contain any of the traditional tell-tale signs of a phishing campaign.
The best advice for anyone concerned they have been targeted by this campaign is for them to check via a legitimate Microsoft channel whether this request is genuine before acting on it – It’s better to deal with a legitimate problem slightly slower than an illegitimate one promptly.

Last edited 4 years ago by Corin Imai

Recent Posts

1
0
Would love your thoughts, please comment.x
()
x