User at risk detected

Dev1 Datalaked 0 Reputation points
2023-03-10T14:42:22.4866667+00:00

I just received and e-mail with
User at risk detected from Azure

I checked the log, and the IP address is
4.231.208.16 - a Microsoft owned.

What should I do?

Device info:

Python Requests 2.26

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,289 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Dillon Silzer 54,281 Reputation points
    2023-03-11T05:18:25.16+00:00

    Hello,

    It is possible that someone is using a Microsoft resource to try an authenticate to the account.

    #1 Check if you have any resources (scripts, etc) that are python that may be trying to make these connections.

    #2 If you don't you can try reporting this ip address to Microsoft.

    https://msrc.microsoft.com/report/abuse


    If this is helpful please accept answer.

    0 comments No comments