1.    16 Jan 2017 #1
    Join Date : Dec 2015
    Posts : 33
    Microsoft Windows 10 Pro 64-bit

    Got an email from Microsoft today (somewhat urgent)


    Hi guys! I got an email from "microsoft" today - emphasis on "microsoft" because I'm still deliberating if it is legit or not. First email a couple of hours ago is that someone tried to access my account and the second on is that someone successfully accessed my acount.

    I know my password is secure and I haven't logged in to my account using any other computer but maybe - just maybe someone did. I tried clicking the link and it send to a somewhat legit microsoft page. Can anyone shed light into this? I attached snips of the email


    Click image for larger version. 

Name:	microsoft.PNG 
Views:	6 
Size:	27.9 KB 
ID:	117341Click image for larger version. 

Name:	microsoft2.jpg 
Views:	8 
Size:	227.9 KB 
ID:	117342Click image for larger version. 

Name:	microsoft3.PNG 
Views:	6 
Size:	51.4 KB 
ID:	117343
      My ComputerSystem Spec
  2.    16 Jan 2017 #2
    Join Date : Jul 2014
    San Jose, California
    Posts : 2,153
    Ubuntu14.04x64 MintMate17x64 Win10Prox64

    It's a scam. MS never email anybody for such thing.
      My ComputerSystem Spec
  3.    16 Jan 2017 #3
    Join Date : Oct 2014
    Trnava
    Posts : 2,866
    Windows 10.4 Home 1709 x64

    Check your recent activity to verify.

    Sign in to your Microsoft account
      My ComputerSystem Spec
  4.    16 Jan 2017 #4
    Join Date : Dec 2015
    Posts : 33
    Microsoft Windows 10 Pro 64-bit
    Thread Starter

    Thanks for the tip guys. I changed my password just to be sure using the link you gave Tairiku. The funny thing is, the confirmation email sender when I changed my password is the same email that sent me the warning in the first place. I checked the recent activities and my account was not logged in from another place. Maybe it was just a false alarm.
      My ComputerSystem Spec
  5.    16 Jan 2017 #5
    Join Date : Oct 2013
    A Finnish expat in Germany
    Posts : 12,971
    Windows 10 Pro

    Quote Originally Posted by topgundcp View Post
    It's a scam. MS never email anybody for such thing.
    I am sorry but I think you are wrong.

    These emails can be and sometimes are scams, but in these cases the sender is not an email from a valid Microsoft sender and link does not take to valid Microsoft https site. I have received exactly the same message on various Live, MSN and outlook.com addresses a few times and they have always been valid.

    Noticeable is that as OP's last screenshot shows, link in email took to authentic secured Microsoft site.

    Microsoft really sends this message when there has been unusual or suspected activity. Last time I got this message when I wanted to share something personal from OneDrive (not shared publicly) with someone in another country who has nor has never had any Microsoft accounts or emails. For some reason he could not download the shared file although I had set sharing not to require a Microsoft account.

    As I trust my life in hands of this person, I decided to let him sign in to OneDrive with my credentials and download the file. I first changed password of my outlook.com email to a temporary password and disabled two step authentication as he was waiting on phone, he then signed in to my OneDrive and downloaded the file, me all the time waiting on the phone, and when he was done and signed out I immediately changed my password again and re-enabled two step authentication.

    Exactly the same email than in OP's first screenshot arrived not a full day later.

    In OP's case I assume that even when checking the message header it reveals it really came from actual Microsoft domain.

    Kari
      My ComputerSystem Spec
  6.    16 Jan 2017 #6
    Join Date : Jul 2014
    San Jose, California
    Posts : 2,153
    Ubuntu14.04x64 MintMate17x64 Win10Prox64

    @Kari
    OK. Thanks for the correction.
      My ComputerSystem Spec
  7.    16 Jan 2017 #7
    Join Date : Aug 2016
    S/E England
    Posts : 4,512
    10 Home x64 (1709) (10 Pro on 2nd pc)

    Quote Originally Posted by Kari View Post
    In OP's case I assume that even when checking the message header it reveals it really came from actual Microsoft domain.
    Always look at the full header if you have any doubts about authenticity. 'From' addresses can be spoofed, look at the originating domain to see if it truly came from who it said it did.
      My ComputersSystem Spec
  8.    16 Jan 2017 #8
    Join Date : Oct 2013
    A Finnish expat in Germany
    Posts : 12,971
    Windows 10 Pro

    Quote Originally Posted by Bree View Post
    Always look at the full header if you have any doubts about authenticity. 'From' addresses can be spoofed, look at the originating domain to see if it truly came from who it said it did.
    True. The problem today is that many scammers use the original message body from real, original messages. It can sometimes be really difficult to say if message is real or fake without checking all available information.

    Full header also reveals the real URL in links in email. If link says it's for account management for your Microsoft email account and link really is https://account.microsoft.com (or https://account.live.com), it's a real thing.

    An example of a recent email from Microsoft regarding app passwords of one of my Microsoft email accounts. The button to click shows not where the click takes me, but message header as it shows all information reveals that it in fact is a valid, real Microsoft secure site:

    Click image for larger version. 

Name:	image.png 
Views:	6 
Size:	131.3 KB 
ID:	117359
      My ComputerSystem Spec
  9.    17 Jan 2017 #9
    Join Date : Dec 2015
    Posts : 33
    Microsoft Windows 10 Pro 64-bit
    Thread Starter

    Quote Originally Posted by Kari View Post
    True. The problem today is that many scammers use the original message body from real, original messages. It can sometimes be really difficult to say if message is real or fake without checking all available information.

    Full header also reveals the real URL in links in email. If link says it's for account management for your Microsoft email account and link really is https://account.microsoft.com (or https://account.live.com), it's a real thing.

    An example of a recent email from Microsoft regarding app passwords of one of my Microsoft email accounts. The button to click shows not where the click takes me, but message header as it shows all information reveals that it in fact is a valid, real Microsoft secure site:
    Click image for larger version. 

Name:	image.png 
Views:	6 
Size:	131.3 KB 
ID:	117359
    A normal user would have a hard time guessing if the email is legit or not. Sometimes the email looks very legit.
      My ComputerSystem Spec
  10.    17 Jan 2017 #10
    Join Date : Oct 2013
    A Finnish expat in Germany
    Posts : 12,971
    Windows 10 Pro

    Quote Originally Posted by jaypels View Post
    A normal user would have a hard time guessing if the email is legit or not. Sometimes the email looks very legit.
    That's what I said in my previous post. Scammers copying and using the original message body, layout, everything, it makes it hard to see if real or fake.

    A bit long reply now but as I think this might benefit a user or two, I'll post it:

    Using email from my inbox, exactly like the one in your original post as an example, before clicking any links simply bring the pointer on top of the link, not clicking it. Browsers using a status bar at bottom will now show the real URL, the address where you will be taken in statusbar bottom left:

    Click image for larger version. 

Name:	image.png 
Views:	46 
Size:	27.2 KB 
ID:	117484

    Microsoft Edge does not have statusbar but the link URL should also be seen bottom left. Link text could be anything but the URL shown when you mouse over it is always the one where you would be taken if you click the link.

    If for some reason the URL is not shown you can right click the link and copy it:

    Click image for larger version. 

Name:	image.png 
Views:	1 
Size:	31.1 KB 
ID:	117485

    Now paste it in Notepad (some advice I've seen says paste it in browser addressbar but I do not recommend it because an accidental key press might open the link):

    Click image for larger version. 

Name:	image.png 
Views:	45 
Size:	43.3 KB 
ID:	117486

    Now you can see if the link URL is real or fake. In the address you'll see protocol (red in screenshot above, usually either http or https, latter being secure), subdomain (blue), domain (green) and top level domain (TLD, yellow).

    Subdomain can be whatever, every domain owner can set up any preferred subdomains. Most common subdomain is www. Subdomain www is usually not needed to enter a domain's website, you can browse to TenForums with either tenforums.com without www subdomain or www.tenforums.com with subdomain.

    It's enough to be sure link is real if domain and top level domain are real, in this case microsoft.com. Regardless which if any subdomain is shown, that can't be faked: no one else than Microsoft web admins can add subdomains to Microsoft domain.

    Kari
    Last edited by Kari; 17 Jan 2017 at 06:57. Reason: Bottom left, not bottom right :)
      My ComputerSystem Spec

 


Similar Threads
Thread Forum
Microsoft native app updates today
MS seems to be having a field day updating the native apps at the moment, virtually all the native ones have updates available over last couple days so if your store update settings are set to manual you might want to run a check. About the only one...
Software and Apps
Microsoft Office 365 install error 30045-11 help (Urgent)
Hi, Sorry but I'm a newb when it comes to computers and forums, this is my first forum post, so I'm sorry if I do anything bad. I've recently installed Windows 10, but I've realised that my Microsoft office has stopped working. I want to open...
Software and Apps
Solved Microsoft Updated I.E. Flash Today. How? Win10 Broke?
9-21-2015 Today I received and installed an update from Microsoft labeled Adobe Flash Player Security Update for Internet Explorer. I don't have the Adobe Flash Player Active-X plug-in installed. In fact, Windows10 won't let me install it. ...
Browsers and Email
How do you add another Microsoft email account ?(even any other email
Well, just downloaded the Windows 10 today and want to add another email account. This one is a microsoft one(my husband's)-we just want to check the mail on it not sign in with it. So, how do you add another email account without having to sign on...
Browsers and Email
Microsoft Ignite keynote today at 9 a.m CDT
See: Watch the Microsoft Ignite keynote live! Microsoft Ignite - Agenda Microsoft Ignite - Sessions Microsoft Ignite - Why Ignite
Windows 10 News
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 08:19.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums