A new scam?

Started by dudwell, Oct 31, 2022, 15:29:36

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

dudwell

I've received the following email 3 times, it appears to come from microsoft.com but doesn't address me directly by name. A button invites me to "Report the user". I suspect it's some sort of scam?

Microsoft account team <no-reply@microsoft.com>
Microsoft account
Unusual sign-in activity
We detected something unusual about a recent sign-in to the Microsoft account "myname"@hotmail.com.
Sign-in details
Country/region: Russia/Moscow
IP address: 103.225.77.255
Date: Sun, 30 Oct 2022 11:10:20 +0000
Platform: Windows 10
Browser: Firefox
A user from Russia/Moscow just logged into your account from a new device, If this wasn't you, please report the user. If this was you, we'll trust similar activity in the future.
Report The User
To opt out or change where you receive security notifications, click here.
Thanks,
The Microsoft account team

Simon

I suspect if you check the full headers of the email, it won't have come from Microsoft at all, Dud.
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

dudwell

Thanks Simon. I've clicked on "View message source" which produces pages of gibberish with no mention of Microsoft in the first umpteen lines so I've reported it as phishing. Next question: who am I reporting to? And would they tell me if I were to report something that was in fact a genuine message?

Simon

A quick Google produced several results.  Here's one of them:

https://threatpost.com/microsoft-accounts-targeted-russian-credential-harvesting/178698/

I think you were right to treat it as malicious.
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.