cross-posted from: https://lemmy.world/post/12063839
Someone keeps trying to access my MS account
Like the title says, I’ve got yesterday an email with a code to access my Microsoft account and that made me suspicious because I wasn’t trying to login to my account. When I looked at the login attempts I saw that someone else was trying to access my account, I changed my password, activated TFA. Thinking of going through and buying a physical key like yubico to further secure my account. Any tips are appreciated.
If you have 2FA enabled they won’t be able to get in, but if you change your password and they’re still trying, that means that somehow they have your new password, which means you probably have a credential stealer in your PC or one of your devices. I would reinstall windows immediately then change EVERY password.
It’s good to be paranoid, but for years I have had periodic sign-ups for lists I never wanted, services I never asked for, medical appointments and plane ticket reservations(!) I didn’t make … you name it.
All because I was an early gmail invitee, so my account is just ‘firstinitiallastname@gmail.com’ (with no ‘123’, or other decorations) – I was the FIRST. And I’ll be damned if I give it up!
So, so many people with my first initial and surname forget to add whatever crap they added to their signup after they must have gotten the error message at sign-up that told them ‘sorry, but firstname.lastname@gmail.com is already taken’ and they then forget whatever they added, and keep using my email address when they register for whatever crap they do. So bloody annoying.
I’ve taken to just logging into the numerous sites they helpfully send me registration links for, and if there’s a profile section I may (if I’m feeling cranky) set their profile photo and bio to unsavoury things, before locking the account. If I’m not feeling cranky I just unsubscribe/delete the account.
deleted by creator
deleted by creator
This is normal. All of my accounts have looked like this for years. So I imagine every account with Microsoft will see this bombardment of someone trying to get in.
It’s not just Microsoft - every server on the internet with an open port gets bombarded all of the time. It’s just the way of the internet. So if you move your account to another platform it’ll see the same bombardment as it does now.
deleted by creator
Do you use your email addresses on websites? I find it hard to believe you don’t see this when you look at it in the security page of Outlook if you use your email address for more than just emailing friends and family.
deleted by creator
Personally my hotmail account is nearing 25 years old. I both get this and godawful amounts of spam. I’m not sure if its entirely due to age, or due to historic leaks including the email address. I would say it’s normal if you have the same email as you did in the 90s.
deleted by creator
Oh sorry I didn’t realise we were supposed to be living off grid entirely to be allowed to browse this sub.
You should probably stop going to work and school, too much exposure.
I would contact Microsoft support immediately
Why reach out to them when they call me every few days about my computer having a virus?
I have this also all the time on my Microsoft account. All un-successful of course (long password and 2FA activated). So stopped looking at this.
First time it’s happening to me, makes me feel uncomfortable.
