Windows 10: Got an email from Microsoft today (somewhat urgent)


  1. Posts : 47
    Microsoft Windows 10 Pro 64-bit
       16 Jan 2017 #1

    Got an email from Microsoft today (somewhat urgent)


    Hi guys! I got an email from "microsoft" today - emphasis on "microsoft" because I'm still deliberating if it is legit or not. First email a couple of hours ago is that someone tried to access my account and the second on is that someone successfully accessed my acount.

    I know my password is secure and I haven't logged in to my account using any other computer but maybe - just maybe someone did. I tried clicking the link and it send to a somewhat legit microsoft page. Can anyone shed light into this? I attached snips of the email


    Click image for larger version. 

Name:	microsoft.PNG 
Views:	6 
Size:	27.9 KB 
ID:	117341Click image for larger version. 

Name:	microsoft2.jpg 
Views:	8 
Size:	227.9 KB 
ID:	117342Click image for larger version. 

Name:	microsoft3.PNG 
Views:	6 
Size:	51.4 KB 
ID:	117343
      My ComputerSystem Spec

  2. topgundcp's Avatar
    Posts : 2,438
    Ubuntu14.04x64 MintMate17x64 Win10Prox64
       16 Jan 2017 #2

    It's a scam. MS never email anybody for such thing.
      My ComputerSystem Spec

  3. TairikuOkami's Avatar
    Posts : 3,417
    10.6 Home 1809 x64
       16 Jan 2017 #3

    Check your recent activity to verify.

    Sign in to your Microsoft account
      My ComputerSystem Spec


  4. Posts : 47
    Microsoft Windows 10 Pro 64-bit
    Thread Starter
       16 Jan 2017 #4

    Thanks for the tip guys. I changed my password just to be sure using the link you gave Tairiku. The funny thing is, the confirmation email sender when I changed my password is the same email that sent me the warning in the first place. I checked the recent activities and my account was not logged in from another place. Maybe it was just a false alarm.
      My ComputerSystem Spec

  5. Kari's Avatar
    Posts : 15,037
    Windows 10 Pro
       16 Jan 2017 #5

    topgundcp said: View Post
    It's a scam. MS never email anybody for such thing.
    I am sorry but I think you are wrong.

    These emails can be and sometimes are scams, but in these cases the sender is not an email from a valid Microsoft sender and link does not take to valid Microsoft https site. I have received exactly the same message on various Live, MSN and outlook.com addresses a few times and they have always been valid.

    Noticeable is that as OP's last screenshot shows, link in email took to authentic secured Microsoft site.

    Microsoft really sends this message when there has been unusual or suspected activity. Last time I got this message when I wanted to share something personal from OneDrive (not shared publicly) with someone in another country who has nor has never had any Microsoft accounts or emails. For some reason he could not download the shared file although I had set sharing not to require a Microsoft account.

    As I trust my life in hands of this person, I decided to let him sign in to OneDrive with my credentials and download the file. I first changed password of my outlook.com email to a temporary password and disabled two step authentication as he was waiting on phone, he then signed in to my OneDrive and downloaded the file, me all the time waiting on the phone, and when he was done and signed out I immediately changed my password again and re-enabled two step authentication.

    Exactly the same email than in OP's first screenshot arrived not a full day later.

    In OP's case I assume that even when checking the message header it reveals it really came from actual Microsoft domain.

    Kari
      My ComputerSystem Spec

  6. topgundcp's Avatar
    Posts : 2,438
    Ubuntu14.04x64 MintMate17x64 Win10Prox64
       16 Jan 2017 #6

    @Kari
    OK. Thanks for the correction.
      My ComputerSystem Spec

  7. Bree's Avatar
    Posts : 8,839
    10 Home x64 (1809) (10 Pro on 2nd pc)
       16 Jan 2017 #7

    Kari said: View Post
    In OP's case I assume that even when checking the message header it reveals it really came from actual Microsoft domain.
    Always look at the full header if you have any doubts about authenticity. 'From' addresses can be spoofed, look at the originating domain to see if it truly came from who it said it did.
      My ComputersSystem Spec

  8. Kari's Avatar
    Posts : 15,037
    Windows 10 Pro
       16 Jan 2017 #8

    Bree said: View Post
    Always look at the full header if you have any doubts about authenticity. 'From' addresses can be spoofed, look at the originating domain to see if it truly came from who it said it did.
    True. The problem today is that many scammers use the original message body from real, original messages. It can sometimes be really difficult to say if message is real or fake without checking all available information.

    Full header also reveals the real URL in links in email. If link says it's for account management for your Microsoft email account and link really is https://account.microsoft.com (or https://account.live.com), it's a real thing.

    An example of a recent email from Microsoft regarding app passwords of one of my Microsoft email accounts. The button to click shows not where the click takes me, but message header as it shows all information reveals that it in fact is a valid, real Microsoft secure site:

    Click image for larger version. 

Name:	image.png 
Views:	6 
Size:	131.3 KB 
ID:	117359
      My ComputerSystem Spec


  9. Posts : 47
    Microsoft Windows 10 Pro 64-bit
    Thread Starter
       17 Jan 2017 #9

    Kari said: View Post
    True. The problem today is that many scammers use the original message body from real, original messages. It can sometimes be really difficult to say if message is real or fake without checking all available information.

    Full header also reveals the real URL in links in email. If link says it's for account management for your Microsoft email account and link really is https://account.microsoft.com (or https://account.live.com), it's a real thing.

    An example of a recent email from Microsoft regarding app passwords of one of my Microsoft email accounts. The button to click shows not where the click takes me, but message header as it shows all information reveals that it in fact is a valid, real Microsoft secure site:
    Click image for larger version. 

Name:	image.png 
Views:	6 
Size:	131.3 KB 
ID:	117359
    A normal user would have a hard time guessing if the email is legit or not. Sometimes the email looks very legit.
      My ComputerSystem Spec

  10. Kari's Avatar
    Posts : 15,037
    Windows 10 Pro
       17 Jan 2017 #10

    jaypels said: View Post
    A normal user would have a hard time guessing if the email is legit or not. Sometimes the email looks very legit.
    That's what I said in my previous post. Scammers copying and using the original message body, layout, everything, it makes it hard to see if real or fake.

    A bit long reply now but as I think this might benefit a user or two, I'll post it:

    Using email from my inbox, exactly like the one in your original post as an example, before clicking any links simply bring the pointer on top of the link, not clicking it. Browsers using a status bar at bottom will now show the real URL, the address where you will be taken in statusbar bottom left:

    Click image for larger version. 

Name:	image.png 
Views:	46 
Size:	27.2 KB 
ID:	117484

    Microsoft Edge does not have statusbar but the link URL should also be seen bottom left. Link text could be anything but the URL shown when you mouse over it is always the one where you would be taken if you click the link.

    If for some reason the URL is not shown you can right click the link and copy it:

    Click image for larger version. 

Name:	image.png 
Views:	1 
Size:	31.1 KB 
ID:	117485

    Now paste it in Notepad (some advice I've seen says paste it in browser addressbar but I do not recommend it because an accidental key press might open the link):

    Click image for larger version. 

Name:	image.png 
Views:	45 
Size:	43.3 KB 
ID:	117486

    Now you can see if the link URL is real or fake. In the address you'll see protocol (red in screenshot above, usually either http or https, latter being secure), subdomain (blue), domain (green) and top level domain (TLD, yellow).

    Subdomain can be whatever, every domain owner can set up any preferred subdomains. Most common subdomain is www. Subdomain www is usually not needed to enter a domain's website, you can browse to TenForums with either tenforums.com without www subdomain or www.tenforums.com with subdomain.

    It's enough to be sure link is real if domain and top level domain are real, in this case microsoft.com. Regardless which if any subdomain is shown, that can't be faked: no one else than Microsoft web admins can add subdomains to Microsoft domain.

    Kari
    Last edited by Kari; 17 Jan 2017 at 06:57. Reason: Bottom left, not bottom right :)
      My ComputerSystem Spec


 

Related Threads
MS seems to be having a field day updating the native apps at the moment, virtually all the native ones have updates available over last couple days so if your store update settings are set to manual you might want to run a check. About the only one...
Hi, Sorry but I'm a newb when it comes to computers and forums, this is my first forum post, so I'm sorry if I do anything bad. I've recently installed Windows 10, but I've realised that my Microsoft office has stopped working. I want to open...
9-21-2015 Today I received and installed an update from Microsoft labeled Adobe Flash Player Security Update for Internet Explorer. I don't have the Adobe Flash Player Active-X plug-in installed. In fact, Windows10 won't let me install it. ...
Well, just downloaded the Windows 10 today and want to add another email account. This one is a microsoft one(my husband's)-we just want to check the mail on it not sign in with it. So, how do you add another email account without having to sign on...
See: Watch the Microsoft Ignite keynote live! Microsoft Ignite - Agenda Microsoft Ignite - Sessions Microsoft Ignite - Why Ignite
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 17:25.
Find Us