Seeing so many "unsuccessful sign-in" attempts from all over the world… microsoft authentication is active

Hi, I'm deeply concerned about this pressing security issue. Previously, I would occasionally receive one or two unsuccessful Microsoft Office 365 sign-in attempts, but now I'm bombarded with numerous attempts from various countries daily. This has been the same (Gmail) email address I've used for years, and the sudden surge in attempts is alarming.

Also, I'm not experiencing any other security issues from any other entity using that same Gmail account, which I use for general email only (mostly subscriptions for shopping. Therefore, it's clear that this is a Microsoft-specific issue that Microsoft should address directly without suggesting workarounds or ignoring the problem.

I use Microsoft 365, which I like, but I don't use Outlook, so I don't have an Outlook address. I don't install Outlook for one particular reason. I use a Mac, so I don't want to have issues with my calendar, address book, mail, or anything, so it's not installed. I do not wish to install it, and that is my choice. But I am getting spammed by sign-in attempt notifications. This is not something that Microsoft Support should ignore. You know this is a security issue, and Microsoft Support should address it, not asking us to use aliases.

Please clarify if there have been any additional security issues at Microsoft since the recent CrowdStrike debacle.

I am using my time to notify you because this issue shouldn't be brushed off but looked at, so I have enclosed my list of daily strikes below. Since it's only Microsoft Office 365, maybe instead of asking people to do aliases, someone at Microsoft should look into this and increase the security of Microsoft Office 365 sign-in. Every time I sign in, I have to fill in my business alias for my Mac address email to get a security code, and I want to maintain that as my second-tier security.

The current situation is disrupting my routine, and for every person who contacts support, there must be a million who save their time. I cannot afford to manage multiple email addresses (and that won't stop a hack), and a workaround is not a viable solution. Microsoft must address this security issue as soon as possible.

Recent activity

Time (GMT) Session Type Approximate location

5 hours ago Unsuccessful sign-in Russia

8 hours ago Unsuccessful sign-in Turkey

8 hours ago Unsuccessful sign-in China

Yesterday 2:52 PM Unsuccessful sign-in Albania

Yesterday 3:45 AM Unsuccessful sign-in Brazil

9/28/2024 6:25 AM Unsuccessful sign-in Brazil

9/28/2024 3:30 AM Unsuccessful sign-in Brazil

9/27/2024 8:59 PM Unsuccessful sign-in Tunisia

9/27/2024 6:28 PM Unsuccessful sign-in Argentina

9/27/2024 5:45 AM Unsuccessful sign-in Paraguay

9/26/2024 1:12 PM Unsuccessful sign-in Brazil

9/26/2024 11:17 AM Unsuccessful sign-in United Kingdom

9/26/2024 9:20 AM Unsuccessful sign-in Italy

9/26/2024 8:31 AM Unsuccessful sign-in Brazil

9/26/2024 6:43 AM Unsuccessful sign-in Romania

9/26/2024 4:05 AM Unsuccessful sign-in Brazil

9/25/2024 11:18 PM Unsuccessful sign-in Indonesia

Microsoft should allow normal user to implement basic geolocation block which will dramatically reduce the noise.

Dear BBilek,

Thank you for posting in the Microsoft community.

I understand that the continuous attempts to log into your account must have caused you a lot of trouble.

What you're currently experiencing might be hackers using automated scripts to try and obtain your password. They can do this merely with your account name, and it has nothing to do with whether you've activated a mobile authenticator, which adds an extra layer of protection for you.

Please understand that hacking attempts occur constantly worldwide, and we can only enhance the security of our accounts.

You can temporarily revoke the login permissions for your current account, which can effectively deter intruders who already know your account name.

To do this, please click on this link (Microsoft account | Sign In or Create Your Account Today – Microsoft) and log into your Microsoft account.
Then, click [Your Info] on the left side and [Edit Account Info] on the right side of the opened screen.
Within this interface, you can add an alias to your account as a new login name. Given the current security risk associated with your account, I recommend creating an alias with an outlook.com extension that doesn't require authentication. (If you use a custom alias below, the system will prompt you to verify its existence. Only actual email addresses can be added as aliases.)
Next, click [Set as primary alias] next to the new alias to make it your primary one. After that, click [Change sign-in preferences] at the bottom and remove the checkmark in front of your current account name.

You have successfully removed the login permission for your account name. You can test this by entering your account name on the login screen; Microsoft will remind you that the username does not exist, preventing you and potential intruders from logging in. Please note that you won't be able to log in with this account name under this circumstance.

Please remember the account name you've changed. Additionally, we've tested that you can still send and receive emails using this account name. The sender can use your account name as the recipient, and email functionality remains unaffected.

Typically, these types of automated login attempts are carried out by scripts that give up after multiple failed attempts with non-existent accounts. You can check if your account is still under attack by re-enabling login access for your account name after 3-5 days of changing the alias.

I hope the information above will be helpful to you. We appreciate you spend your time working on this issue. We look forward to your response. 

Best Regards,

Ulrica.W - MSFT | Microsoft Community Support Specialist

It's crazy, I'm seeing the same thing on my account, averaging about 9-10 failed attempts per day from all over the world. Oddly, a few days ago they succeeded, and I received an email from Microsoft. Within an hour of that login I changed my password. Not sure what, if anything was done while they had access to my account. I was on travel/work in Germany, and was lucky to have checked my email when I did.

"Put your data in our cloud..." they say. "It's safe!" they say. Nope. Nope. Nope.

My big question - why was I not informed of the greatly increased number of failed login attempts made on my account?

It's alarming, I'm witnessing a consistent pattern on my account, with an average of 9-10 failed attempts per day from various locations globally. Strangely, a few days ago, they managed to breach my account, and I received an email from Microsoft. I promptly changed my password within an hour of that login, but I'm unsure if any unauthorized activities were carried out during their access. I was fortunate to be able to check my email during my travel/work in Germany. This situation requires immediate attention.

"Put your data in our cloud..." they say. "It's safe!" Nope, nope, nope.

My primary concern is the lack of communication regarding the significant increase in failed login attempts on my account. Transparency is not just a key, it's a necessity in such situations. We need to know what's happening with our accounts.

Hi- Thank you for your reply, which has so many good points; what I find truly astounding is that nobody at Microsoft has woken up! The fact that nobody at Microsoft is paying attention to this is dismissive about the community, letting them know there is a severe problem is bad. These companies spend millions in insurance so they can continue to have the arrogance and stupidity not to act. Whoever is cyber-attacking our accounts doesn't want to get into our accounts? They want to hack into our accounts to go into Microsoft's back door and do whatever they want.

To your very valid point about the need for transparency, we need to find out how it happened or why instead of ignoring us.

The problem is their site is vulnerable because you're already on their site to do a log-in, which is not acceptable today. Also, to your point, a company like Microsoft should have a security wall page wall, but not a firewall, to make a metadata catch page where you log in and then get onto their main website. That wall page should require people to enter a password before entering the Microsoft site. We urgently need better security measures, which is a crucial point.

As a former board member of a cyberspace company, I have a deep understanding of these issues. Yet, I'm appalled and surprised that no one at Microsoft has the intelligence to take this seriously and realize they need to fix it for their sake and that of everybody else in the community.

But Microsoft has never fostered community, and that's always been its problem. I fully agree with your idea about transparency, and you're right. Still, Microsoft needs to take some baby steps in the humanity department and treat others respectfully.

To your point about the cloud, you're right, and I get a lot of trouble for knowing that, too. I say I don't trust the cloud because it is just not safe, and people are dismissive of me because I'm older, and they think I'm a dinosaur, which is why I don't like the cloud. It also happens to be made worse because I am female. I can't really use the word that I get, but I get a lot of grief about that, and I'm like, look, I'm paying you to back everything up onto my server as that is what I want. I do not want anything on the cloud except for photos and things like that, which I hope somebody won't do something weird with, but so I can sync it to all my devices, but anybody who keeps anything but photos on the cloud is an idiot.

Keeping your data information on your computer is essential because you can do several things to protect it. Also, it limits the odds because you know you're just one person, but companies that start storing millions of people's data are a target. It doesn't take anybody intelligent to know that. However, the cloud where you're storing so much information will constantly be hacked.

It's like what I used to use as an analogy about cyberspace: somebody will always want to rob a bank. The trick is to keep them from leaving the bank with the money. Microsoft and other companies don't understand that and don't get it, and they are employing people who don't tell them the truth, which is the truth. There's always going to be somebody who wants to rob the bank. You have to ensure they don't leave the bank, and that's why they need to use more modern technology. The company we worked with was fantastic, but people were stuck in their ways and didn't get it.

To be fully transparent, I'm on my first day of vacation, and I'm not supposed to be using email or text, so I can actually enjoy it. I'm gonna sign off, but I read your reply, and I just thought it was so thoughtful and so authentic. I just wish Microsoft and others would listen to people like yourself.