I sure don’t feel safe just ignoring it, considering the frequency.

  • TheObviousSolution@lemm.ee
    link
    fedilink
    English
    arrow-up
    13
    ·
    5 months ago

    I got one of these emails. It isn’t even MFA, nothing to reply with the code to. It doesn’t even say which Microsoft account, it sent it to my GMail recovery account. It’s so utterly bad not being able to trace the attempt to its source. It’s sus that I’m not the only one to have recently experienced this out of nowhere. Maybe it’s an attempt to farm valid Microsoft emails from the way this service behaves?

    • I Cast Fist@programming.dev
      link
      fedilink
      English
      arrow-up
      9
      ·
      5 months ago

      If it happened on a MS account you have, you can check the activity part of the account, it should list all login attempts and give you an IP for each.

    • LifeInMultipleChoice@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      5 months ago

      What email address did it come from, no links in it at all? I would assume phishing attempts that would be coming from a BS email that has a link to either go sign in or change your password which would send you to a site and then collect your entry, thereby gathering your actual sign in info.

      That can be compiled into other data over time and eventually whoever purchases or collects it all with have a full set, or immediately have a full set when they try those credentials on other sites that may not have 2 factor set up.