Email security alerts are common today. Some from Microsoft may look like spam. There aren’t any, be careful.
I recently received two alerts from Microsoft that someone was trying to sign into my account. The emails contained links to view activity and reset my password, as well as a link to learn how to make my account more secure. And to be honest, those emails seemed…weird. Therefore, I ignored them. I finally realized that they were completely legal. Someone actually tried to get into my account and I almost let them because I thought those warnings from Microsoft were spam.
Microsoft security alerts may look like spam
Why did I think of a phishing attempt? First, I don’t use this account often. I can’t even remember the last time I went into it. Why then this account? Why now?
Back then, the design of the emails didn’t match what Microsoft had to offer, in my opinion. A large “Security Warning”message at the top of one of the emails and “Unusual login activity”in the other, which do not match the other text elements. Even the caption “Microsoft Account Team”looked odd. And if the email was from “Microsoft account group”, the address was “account-security-noreply@accountprotection.microsoft.com”. It’s also not hard, but quite difficult.
I typed it into Google to understand that many users also ask questions. But I found this Microsoft help page explaining why you might get a security alert in Office 365 with an image very similar to one of my emails. The purpose of this article was not to confirm whether the warning was legal, but to confirm.
I decided to sign in with my Microsoft account. And someone really managed to connect to it. Luckily he didn’t do anything to it. I was able to reset my password and security settings without any problems. However, in a recent activity, I was able to confirm that someone successfully logged in.
How to know if this security warning is legal
In recent years, scammers have learned how to create emails that look completely official. However, there are certain signs that you should pay attention to in order to confirm or deny their authenticity.
There is, of course, a smell test if you can say, “Is this a scam-free email?”If there are spelling and/or grammatical errors, if the formatting leaves something to be desired, if the turn of phrase seems personal, it may be spam. This is not always the case, but you need to be careful.
Also check the sender. The sender’s name is easy to fake, but the address still appears when you click on it. The address may put you on the ear. When in doubt, type it into Google.
Opening email, even spam, will very rarely cause you problems. Links and/or attachments are the real threat. You don’t want to click on a dangerous URL, so make sure the link is legal before you click. Hover your mouse over it to see the real URL. In my case, these were links to official Microsoft pages, and not to little-known sites.
If in doubt, don’t click. Then it is better to immediately go to the relevant site, in my case Microsoft, to his account, to find out what is at stake. And never open an attachment you don’t recognize.
Remember, Google is your friend. If the email is from a large company like Microsoft, chances are others have received it. And, most likely, some asked for clarification. Perhaps some will even discover potted roses.
Cyber attacks are on the rise, it never hurts to be careful. Just don’t be too careful.