I HOPE THAT SOMEBODY AT MICROSOFT HAS THE TIME TO READ (AND UNDERSTAND :) ) THE ENTIRE MESSAGE A Microsoft moderator replied as follows to the question whether emails as in the subject (Microsoft account unusual sign-in activity- phishing/scam - )were scam/phishing or legit: "Thank you for the update. The email you received is designed to protect your account. You will receive that email when you sign-in your account from a new location or if you install a new app that signs in your account." I have received such type of email and part of the text is as follows: Sign-in details Country/region: United States IP address: 10**** Date: 30/07/2024 06:48 (GMT) Platform: - Browser: - Please go to your recent activity page to let us know whether or not this was you. If this wasn't you, we'll help you to secure your account. If this was you, we'll trust similar activity in the future. The IP address produces the following result: IP address: 104***** Continent ? : NORTH AMERICA Country/Area of the Site Code ? : US ? Country/Site Area Name ? : 🇺🇸 United States? Name of the district ? : South Carolina City Name ? : Moncks Corner City Shirina ? : 33.1967 City Longitude ? : -8****4 My questions: how do I verify the email received as from Microsoft is legit when it contains none of my personal information? for example it could include my name, or few characters from my telephone number or other clever things. the login in the message received, refers to my daughter (no longer a minor) account, based on the few only characters shown in the message received "We detected something unusual about a recent sign in to the Microsoft account xy********@hotmail.com " Well she also is not in the USA. She checked her emails and found the same message I have received, but it was in the SPAM folder; no wonder as the message was so impersonal. Once checked the account's activity, she found out the activity above mentioned. Still the activity shown above does not say whether there was a log-in or not. Microsoft messages should state what the "unusual activity" they refer in their messages, is. How is one suppose to check whether an activity was legit or not, when we do not know what the activity was? Hope the above is clear,

Dear Povich, Welcome to Microsoft community. I have read the whole thing you wrote, you might have received a lot of emails with unusual activity logins lately, but you can't tell if they are really from Microsoft or just phishing emails, which worries you and I understand your concern. Don't worry too much, I'm going to show you how to verify the legitimacy of the Email, follow these steps: 1, Check the Sender's Email Address: Ensure the email comes from a legitimate Microsoft domain (e.g., @outlook.com, @hotmail.com, or @microsoft.com). Be wary of slight variations or misspellings . Slight errors or statements that don't make sense are likely to be phishing emails sent out in bulk. 2, **** Look for Personalization: While it's not a guarantee, legitimate emails from Microsoft often include your name or a part of your email address. Phishing emails may have poor grammar, unusual formatting, or generic greetings (e.g., "Dear User" instead of your name). 3, Hover Over Links : Don't click on any links. Instead, hover over them to see the actual URL. Legitimate Microsoft links should lead to trusted Microsoft domains. 4, **** Check Your Account Activity: Log into your Microsoft account directly (not through links in the email) and review your account activity for any unfamiliar sign-ins or attempts. Please follow this link to Check the recent sign-in activity for your Microsoft account - Microsoft Support . These are some commonly used methods of identifying legitimate emails, and the same applies to your daughter's emails. in fact, the best way to deal with phishing emails is to improve the security of our own account, because people make mistakes, click the wrong phishing emails are also possible, and of course none of us want that to happen. You should consider how to make your account secure enough so that hackers can't easily do things to your account that will cost you a lot! You can consider the suggestions in the following documents to improve the security of your account: How to help keep your Microsoft account safe and secure - Microsoft Support You may consider turning on two-step verification for your account to improve account security, see: How to use two-step verification with your Microsoft account - Microsoft Support Signing in with Microsoft Authenticator is also a good option, adding an extra layer of protection to your account: About Microsoft Authenticator - Microsoft Support I wish you all the best, feel free to let me know if you need further assistance. Best regards, Harris-MSFT |Microsoft Community support specialist

I received two similar e-mails under two email addresses; I followed the links; entered the correct email address (which they had partially shown) and had to wait for a Code to proceed; no Code was ever emailed. With AI the reliably poor spelling/grammar of the past may be behind us and similarly the email address looks legit Microsoft account team <******@accountprotection.microsoft.com>. The location of the "activity" was in a distant nation so who knows what clicking on the link has done; presumably/obviously whoever this was (my suspicion is that it was Microsoft) already had my email addresses.

I would be worried about this where you didn't receive a code. Maybe you verified your email address to a phisher. With leaked data, people can customize email with your name as who they are speaking to so it looks more legit.

Thanks for your help. the following question, though, still remains unanswered: How is one suppose to check whether an activity was legit or not, when we do not know what the activity was? Also, though the how to verify whether an MS email is legit is of help, I think that MS developers and administration, should implement a better email wordings/details, so to increase users confidence in MS correspondence. Banks' emails I receive bear my name or some letters/numbers from log-in details, etc. best,

Fortunately I tried the "Check the recent sign in.." etc from the link above and got the same result as from the e-mail link i.e. no code sent so it looks like another Microsoft error and turning off communications looks like a good option.

concerns about "unusual sign-in activity" messages

Anonymous

I HOPE THAT SOMEBODY AT MICROSOFT HAS THE TIME TO READ (AND UNDERSTAND :) ) THE ENTIRE MESSAGE

A Microsoft moderator replied as follows to the question whether emails as in the subject (Microsoft account unusual sign-in activity- phishing/scam - )were scam/phishing or legit:

"Thank you for the update. The email you received is designed to protect your account. You will receive that email when you sign-in your account from a new location or if you install a new app that signs in your account."

I have received such type of email and part of the text is as follows:

Sign-in details

Country/region: United States

IP address: 10****

Date: 30/07/2024 06:48 (GMT)

Platform: -

Browser: -

Please go to your recent activity page to let us know whether or not this was you. If this wasn't you, we'll help you to secure your account. If this was you, we'll trust similar activity in the future.

The IP address produces the following result:

IP address:	104*****
Continent ? :	NORTH AMERICA
Country/Area of the Site Code ? :	US ?
Country/Site Area Name ? :	🇺🇸 United States?
Name of the district ? :	South Carolina
City Name ? :	Moncks Corner
City Shirina ? :	33.1967
City Longitude ? :	-8****4

My questions:

how do I verify the email received as from Microsoft is legit when it contains none of my personal information? for example it could include my name, or few characters from my telephone number or other clever things.
the login in the message received, refers to my daughter (no longer a minor) account, based on the few only characters shown in the message received "We detected something unusual about a recent sign in to the Microsoft account xy********@hotmail.com "

Well she also is not in the USA.

She checked her emails and found the same message I have received, but it was in the SPAM folder; no wonder as the message was so impersonal.

Once checked the account's activity, she found out the activity above mentioned. Still the activity shown above does not say whether there was a log-in or not.

Microsoft messages should state what the "unusual activity" they refer in their messages, is. How is one suppose to check whether an activity was legit or not, when we do not know what the activity was?

Hope the above is clear,

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

14 answers

Anonymous

2024-07-31T06:59:26+00:00

Dear Povich,

Welcome to Microsoft community.

I have read the whole thing you wrote, you might have received a lot of emails with unusual activity logins lately, but you can't tell if they are really from Microsoft or just phishing emails, which worries you and I understand your concern.

Don't worry too much, I'm going to show you how to verify the legitimacy of the Email, follow these steps:

1, Check the Sender's Email Address: Ensure the email comes from a legitimate Microsoft domain (e.g., @outlook.com, @hotmail.com, or @microsoft.com). Be wary of slight variations or misspellings. Slight errors or statements that don't make sense are likely to be phishing emails sent out in bulk.

2, **** Look for Personalization: While it's not a guarantee, legitimate emails from Microsoft often include your name or a part of your email address. Phishing emails may have poor grammar, unusual formatting, or generic greetings (e.g., "Dear User" instead of your name).

3, Hover Over Links: Don't click on any links. Instead, hover over them to see the actual URL. Legitimate Microsoft links should lead to trusted Microsoft domains.

4, **** Check Your Account Activity: Log into your Microsoft account directly (not through links in the email) and review your account activity for any unfamiliar sign-ins or attempts. Please follow this link to Check the recent sign-in activity for your Microsoft account - Microsoft Support.

These are some commonly used methods of identifying legitimate emails, and the same applies to your daughter's emails. in fact, the best way to deal with phishing emails is to improve the security of our own account, because people make mistakes, click the wrong phishing emails are also possible, and of course none of us want that to happen. You should consider how to make your account secure enough so that hackers can't easily do things to your account that will cost you a lot!

You can consider the suggestions in the following documents to improve the security of your account: How to help keep your Microsoft account safe and secure - Microsoft Support

You may consider turning on two-step verification for your account to improve account security, see:How to use two-step verification with your Microsoft account - Microsoft Support

Signing in with Microsoft Authenticator is also a good option, adding an extra layer of protection to your account: About Microsoft Authenticator - Microsoft Support

I wish you all the best, feel free to let me know if you need further assistance.

Best regards,

Harris-MSFT |Microsoft Community support specialist
Please sign in to rate this answer.

3 people found this answer helpful.

0 comments No comments
Anonymous

2024-08-01T13:17:04+00:00

I received two similar e-mails under two email addresses; I followed the links; entered the correct email address (which they had partially shown) and had to wait for a Code to proceed; no Code was ever emailed. With AI the reliably poor spelling/grammar of the past may be behind us and similarly the email address looks legit Microsoft account team <******@accountprotection.microsoft.com>. The location of the "activity" was in a distant nation so who knows what clicking on the link has done; presumably/obviously whoever this was (my suspicion is that it was Microsoft) already had my email addresses.
Please sign in to rate this answer.

2 people found this answer helpful.

0 comments No comments
Anonymous

2024-10-14T19:40:54+00:00

I would be worried about this where you didn't receive a code. Maybe you verified your email address to a phisher. With leaked data, people can customize email with your name as who they are speaking to so it looks more legit.
Please sign in to rate this answer.

1 person found this answer helpful.

0 comments No comments
Anonymous

2024-08-01T14:13:37+00:00

Thanks for your help.

the following question, though, still remains unanswered:

How is one suppose to check whether an activity was legit or not, when we do not know what the activity was?

Also, though the how to verify whether an MS email is legit is of help, I think that MS developers and administration, should implement a better email wordings/details, so to increase users confidence in MS correspondence. Banks' emails I receive bear my name or some letters/numbers from log-in details, etc.

best,
Please sign in to rate this answer.

1 person found this answer helpful.

0 comments No comments
Anonymous

2024-08-01T13:32:28+00:00

Fortunately I tried the "Check the recent sign in.." etc from the link above and got the same result as from the e-mail link i.e. no code sent so it looks like another Microsoft error and turning off communications looks like a good option.
Please sign in to rate this answer.

1 person found this answer helpful.

0 comments No comments

Share via

concerns about "unusual sign-in activity" messages

14 answers