User at risk detected

Dev1 Datalaked 0

I just received and e-mail with
User at risk detected from Azure

I checked the log, and the IP address is
4.231.208.16 - a Microsoft owned.

What should I do?

Device info:

Python Requests 2.26

Andy David - MVP 115.3K Reputation points MVP

2023-03-10T15:15:50.1866667+00:00

What is the actual risk?

https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-risks#user-linked-detections
Shweta Mathur 13,081 Reputation points Microsoft Employee

2023-03-27T08:12:22.2566667+00:00

Hi @Dev1 Datalaked ,

Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept Answer" which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.

1 answer

Dillon Silzer 36,121 Reputation points

2023-03-11T05:18:25.16+00:00

Hello,

It is possible that someone is using a Microsoft resource to try an authenticate to the account.

#1 Check if you have any resources (scripts, etc) that are python that may be trying to make these connections.

#2 If you don't you can try reporting this ip address to Microsoft.

https://msrc.microsoft.com/report/abuse

If this is helpful please accept answer.
Please sign in to rate this answer.

No comments
Sign in to comment

Activity