Notification of unusual sign-in activity – genuine or scam?

by Lorraine Williamson
unusual sign-in activity
del canto chambers 2

As we know, scams are everywhere. Almost every day we come across something suspect in our emails or receive a call from a “potential” spam caller. But there are still so many that are very convincing and make us second guess ourselves whether we should click on that link or not. Such as this one from “Microsoft” where the email alerts you to unusual sign-in activity from Moscow.

Last week, one of our editors received an email from “Microsoft”. This came a few days after an email from Microsoft advising her software package was due for renewal. The new email advised her that there was “unusual sign in activity”. It confirmed the email address and gave sign-in details. These included the country and region of the supposed sign-in, the IP address, the date and time of the sign-in, the platform and the browser.

Unusual sign-in activity

All this did look genuine, especially since there has been a lot of publicity about online hackers from Russia. Furthermore, the sender´s email address looked authentic as it was @microsoft.com.

The email gave a couple of links to click on. The first was to report the user. It threatened that if you didn´t click the link, they would assume all other sign-ins from this area would be trusted. This is designed to create alarm, as obviously she did not log in from Moscow.

As an alternative, the other link offers you the option to opt out or change where you receive your security notifications from Microsoft.

Both links are fake.

Follow up email

Moreover, despite researching and writing many articles on scams, our editor was concerned when she received a second follow-up email advising of yet another sign-in from Moscow.

del canto chambers 2

However, as advised by the Guardia Civil and the OSI (Oficina de Seguridad del Internauta), always check with the official website.

On checking with Microsoft, our editor found out if there was an unusual sign-in attempt for her account, she would receive an email or text message. Microsoft would then send a message to all her alternate contact methods.

Furthermore, to help protect the account, Microsoft may ask you to provide a security code from one of these contacts. This step prevents people who aren’t you from signing in and lets Microsoft know if it was just you signing in from an unusual location or device. 

If you aren’t sure about the source of an email, check the sender. You’ll know it’s legitimate if it’s from the Microsoft account team as it should come from the following:

account-security_noreply@accountprotection.microsoft.com

 Also read: Black Friday offers or scams?

You may also like