Automatic Sync from a Phishing Site?

Question

I received an email from Microsoft that said "Security info replacement - To continue replacing your security info, click the button below." I wasn't trying to change my security info. So, I know that this was a phishing email. I'm used to that but I went to my Microsoft profile and read that someone in Spain had an automatic sync session type. Their login attempt was unsuccessful but every other time that I have had someone try to get into my Outlook account, it never said automtic sync before. It only said unsuccessful sync.

Why was there an automatic sync with this attempt?

Answer 1

Hello DiNyh13601, thank you for reaching out to the Microsoft Community. I am here to help and provide assistance with any questions or concerns you may have.

The email you received sounds like a phishing attempt, and it's important that you do not click on any links or provide any personal information in response to it. Phishing emails are a common tactic used by cybercriminals to try to steal personal information, such as login credentials, by tricking people into providing it.

Regarding the automatic sync from Spain, it is likely that the attempted login was an automated script or a bot rather than a real person.

It is important to note that Microsoft have many security measures in place to protect your account, and one of those is detecting multiple failed log-in attempts, when it detects multiple failed attempts from different locations, it may flag it as an "unsuccessful sync" and block that IP, also it will send you notification, so in case if you didn't initiate the login attempt you can take action.

In order to protect your account, I would recommend you to change your password right away and make sure it is strong and unique. Also consider enabling two-factor authentication on your Microsoft account, which can help prevent unauthorized access even if your password is compromised.