Aracılığıyla paylaş

Someone is trying to get into my Microsoft account

Anonim
2024-07-20T22:32:57+00:00

I was using 2FA but today suddenly Microsoft wanted me to set up a password. I set it then logged out from all devices from the security settings. Notification were saying there might be a virus in one of the devices but there is not. I scanned my PC with more than two AV app and results were safe. (Microsoft Defender, McAfee, Kaspersky, Malwarebytes) I don't understand how my account got risky even if I was using authenticator app. There is no problem in my other accounts (Google, Instagram, Amazon, Roblox etc. They're also using 2FA on the same Authenticator app.) but they're simply attacking my Microsoft account. In login attempts, it often says that the person trying to log in entered the wrong password. Is there anything to worry about or can I relax? I closed all my sessions on my computer in case there was a virus on my computer too. Also cut the internet connection of it.

Windows Ev | Windows 11 | Güvenlik ve gizlilik

Kilitli Soru. Bu soru Microsoft Destek Topluluğu’ndan aktarıldı. Yararlı olup olmadığını belirtmek için oy verebilirsiniz ancak yorum veya yanıt ekleyemez ya da soruyu takip edemezsiniz.

0 yorum

1 yanıt

Sıralama ölçütü: En yararlı
En yararlı En Yeni En Eski
  1. Anonim
    2024-07-21T02:58:17+00:00

    Hi Armağan,

    I am Tanvi, and I would be happy to assist you today!

    It's good you're being cautious! Even though you had 2FA enabled.

    1. If someone has access to your phone number (through a SIM Swap attack),

    they might be able to bypass the 2FA code sent via SMS, especially if the attacker also knew a weak password. This could explain the "wrong password" attempts, as they might try different combinations.

    1. While you scanned your main PC, it's possible malware on another device (phone, tablet) might be leaking information or attempting logins. Consider scanning all devices that have access to your Microsoft account.
    2. Hackers often exploit leaked databases of usernames and passwords from other breaches. They might be trying your login information (known as credential stuffing) from another compromised account on Microsoft.

    Here's what you should do-

    1. Don't rely solely on SMS verification. Use a robust 2FA method like a Microsoft Authenticator app or a physical security key.

    These are much harder to bypass.

    1. Update your password for Microsoft and other accounts sharing similar login credentials. Use strong, unique passwords for each account. A password manager can help you create and manage these.
    2. Check your Microsoft account's login activity and see if there are any unrecognized locations or devices.

    You can remove suspicious entries and block future login attempts from those locations/devices.

    1. While multiple antivirus scans didn't find anything,

    you can try a dedicated anti-malware scan with a program like Malwarebytes to rule out any lingering threats.

    Additionally, after securing your account and changing passwords, if the attempts cease, you can likely relax. However, If you see continued login attempts, especially from unknown locations, contact Microsoft support immediately.

    I hope this information helps. Please let me know if you have any other queries.

    Good Day

    Bu yanıt yardımcı oldu mu?

    0 yorum