We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
Microsoft account - Unusual sign-in activity
| Microsoft account | |||||||||||||||
| Unusual sign-in activity | |||||||||||||||
| We detected something unusual about a recent sign-in to the Microsoft account XXXXXX@hotmail.com. | |||||||||||||||
| Sign-in details | |||||||||||||||
| Country/region: Russia/Moscow | |||||||||||||||
| IP address: 103.225.77.255 | |||||||||||||||
| Date: Thu, 24 Mar 2022 23:05:44 +0000 | |||||||||||||||
| Platform: Windows 10 | |||||||||||||||
| Browser: Firefox | |||||||||||||||
| A user from Russia/Moscow just logged into your account from a new device, If this wasn't you, please report the user. If this was you, we'll trust similar activity in the future. | |||||||||||||||
| |||||||||||||||
| To opt out or change where you receive security notifications, click here. | |||||||||||||||
| Thanks, | |||||||||||||||
The Microsoft account team
|
He said to the salesman, “My wife would like to talk to you about the Volkswagen Golf in the showroom window.”
Salesman said, “We haven't got a Volkswagen Golf in the showroom window.”
The man replied, “You have now mate".
Comments
-
I probs wouldn’t click on any links in those emails. If she’s changed her password and can access her account then that’s good, may be worth considering setting up 2nd factor authentication on the account too, an extra layer of security and peace of mind 😊Useful is beautiful2
-
Change the password and switch on 2 factor authentication as Microsoft will be making it a requirement soon anyway.
Using the Microsoft Authenticator app on a phone is better than the SMS option and it can also be used for other accounts as well in the future.
If she uses that email and password for other accounts it could well be that one of those was compromised. Check if the email has been registered as hacked at https://haveibeenpwned.com/
You should never use the same password on multiple accounts. Using a password manager such as Bitwarden is a good way to be able to create and manage complex passwords.1 -
Don't click those links - if you hover over it you'll see it's an unofficial hotmail gateway site where once you tap in new details they will pick up your credentials. If you've change your password officially then you should be ok to go.1
-
Thanks for your quick responses.
For the sake of clarity she has not clicked on those links.
The emails from Microsoft look genuine but, unless there is a good reason to report it, she will do nothing. She has changed her password via the normal link within her Hotmail account. Nothing looks amiss in any of her folders.
We will both look at 2 factor authentication.A man walked into a car showroom.
He said to the salesman, “My wife would like to talk to you about the Volkswagen Golf in the showroom window.”
Salesman said, “We haven't got a Volkswagen Golf in the showroom window.”
The man replied, “You have now mate".0 -
She uses different password across her various accounts.400ixl said:
If she uses that email and password for other accounts it could well be that one of those was compromised. Check if the email has been registered as hacked at https://haveibeenpwned.com/
You should never use the same password on multiple accounts. Using a password manager such as Bitwarden is a good way to be able to create and manage complex passwords.
That pwned link shows 4 possible breaches of her Hotmail id. She does have a Linkedin ID but rarely uses it. She does not know the other two.Data Enrichment Exposure From PDL Customer: In October 2019, security researchers Vinny Troia and Bob Diachenko identified an unprotected Elasticsearch server holding 1.2 billion records of personal data. The exposed data included an index indicating it was sourced from data enrichment company People Data Labs (PDL) and contained 622 million unique email addresses. The server was not owned by PDL and it's believed a customer failed to properly secure the database. Exposed information included email addresses, phone numbers, social media profiles and job history data.Compromised data: Email addresses, Employers, Geographic locations, Job titles, Names, Phone numbers, Social media profiles
LinkedIn: In May 2016, LinkedIn had 164 million email addresses and passwords exposed. Originally hacked in 2012, the data remained out of sight until being offered for sale on a dark market site 4 years later. The passwords in the breach were stored as SHA1 hashes without salt, the vast majority of which were quickly cracked in the days following the release of the data.
Compromised data: Email addresses, Passwords
LinkedIn Scraped Data: During the first half of 2021, LinkedIn was targeted by attackers who scraped data from hundreds of millions of public profiles and later sold them online. Whilst the scraping did not constitute a data breach nor did it access any personal data not intended to be publicly accessible, the data was still monetised and later broadly circulated in hacking circles. The scraped data contains approximately 400M records with 125M unique email addresses, as well as names, geographic locations, genders and job titles. LinkedIn specifically addresses the incident in their post on An update on report of scraped data.
Compromised data: Education levels, Email addresses, Genders, Geographic locations, Job titles, Names, Social media profiles
Onliner Spambot (spam list): In August 2017, a spambot by the name of Onliner Spambot was identified by security researcher Benkow moʞuƎq. The malicious software contained a server-based component located on an IP address in the Netherlands which exposed a large number of files containing personal information. In total, there were 711 million unique email addresses, many of which were also accompanied by corresponding passwords. A full write-up on what data was found is in the blog post titled Inside the Massive 711 Million Record Onliner Spambot Dump.
Compromised data: Email addresses, Passwords
A man walked into a car showroom.
He said to the salesman, “My wife would like to talk to you about the Volkswagen Golf in the showroom window.”
Salesman said, “We haven't got a Volkswagen Golf in the showroom window.”
The man replied, “You have now mate".0 -
Those 4 potential breaches don't mean her actual Hotmail account was breached.
It relates to leaks/breaches of data where the login/username was the Hotmail address.1 -
As she uses different passwords on every account, it isn't a concern to her.k_man said:Those 4 potential breaches don't mean her actual Hotmail account was breached.
It relates to leaks/breaches of data where the login/username was the Hotmail address.A man walked into a car showroom.
He said to the salesman, “My wife would like to talk to you about the Volkswagen Golf in the showroom window.”
Salesman said, “We haven't got a Volkswagen Golf in the showroom window.”
The man replied, “You have now mate".1 -
As long as passwords really are different, and not pattern based.
As above recommend setting up 2FA, everywhere (not just Hotmail).
And final recommendation is to use a password manager, to make unique strong passwords much easier to manage.
2 -
Hovering over Report The User gives an email link to:
unrecognized.suspicious.activity@googlemail.com <unrecognized.suspicious.activity@googlemail.com>;Very unlikely Microsoft would use a Google email address 😄PPI success. Banding success. Double Dip PCN cancelled! South facing solar (Midlands) and battery. Savings Session supporter (is it worth it now!?)1 -
On the broader point, never click on links from an unexpected source. Find the official Microsoft, or relevant site and use the Contact Us address.
1
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.8K Banking & Borrowing
- 253K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.8K Work, Benefits & Business
- 598.6K Mortgages, Homes & Bills
- 176.8K Life & Family
- 257K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards