User at risk detected

Dev1 Datalaked 0

I just received and e-mail with
User at risk detected from Azure

I checked the log, and the IP address is
4.231.208.16 - a Microsoft owned.

What should I do?

Device info:

Python Requests 2.26

Andy David - MVP 145.6K Reputation points MVP

2023-03-10T15:15:50.1866667+00:00

What is the actual risk?

https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-risks#user-linked-detections
Shweta Mathur 29,756 Reputation points Microsoft Employee

2023-03-27T08:12:22.2566667+00:00

Hi @Dev1 Datalaked ,

Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept Answer" which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.

1 answer

Dillon Silzer 56,681 Reputation points

2023-03-11T05:18:25.16+00:00

Hello,

It is possible that someone is using a Microsoft resource to try an authenticate to the account.

#1 Check if you have any resources (scripts, etc) that are python that may be trying to make these connections.

#2 If you don't you can try reporting this ip address to Microsoft.

https://msrc.microsoft.com/report/abuse

If this is helpful please accept answer.
Please sign in to rate this answer.

0 comments No comments
Sign in to comment