Don’t Mistake This Microsoft Security Alert for Spam
I recently received two alerts from Microsoft that someone was trying to sign into my account. The emails offered me links to view activity and reset my password, as well as a link to learn about ways to improve the security of my account. To be honest, the emails seemed… strange to me, and I almost completely ignored them. Spoiler alert: I soon realized they were real. Someone was trying to break into my account and I almost let them because I thought the security warnings from Microsoft were spam.
Microsoft security warnings may look like spam to you
Why did I decide that Microsoft’s security warnings are phishing attempts? First, I rarely use this account. In fact, I can’t remember the last time I entered it. I thought, why this account right now?
Secondly, they just seemed like spam. The design of the emails didn’t match what I thought Microsoft should have done. The big blue “Security Warning” message at the top of one email and “Unusual sign-in activity” in another didn’t line up with the other text elements, which looked sloppy. Even the caption — “Microsoft Account Team” — struck me because I thought Microsoft would capitalize the full name. Speaking of which, although the email was sent by the “Microsoft account group”, the email read as “email@example.com”. It’s okay, but it seemed too complicated for an official email address.
So, I googled and found that I am not alone. There are support pages filled with people asking, “Um, is this spam or am I really having a problem?” What made the difference for me was that this Microsoft support page discussed why you might get a security warning in Office 365, with a picture of such a warning that looked identical to one of my emails. The purpose of the article was not to confirm the legitimacy of the warning – that was taken for granted from Microsoft’s point of view.
I decided to sign in with my Microsoft account. And now, someone actually got access to it. Luckily, they didn’t seem to do anything with that power: I was able to log in and reset my password and security settings without any problems. However, based on my recent activities, I can confirm that someone in Europe successfully hacked into the account, which is what the security alarm alerted me to.
How to know if this security warning is legal
In recent years, scammers have learned how to create phishing emails that look legitimate, so even a legitimate email from Microsoft can alert you. However, there are some signs that give away the authenticity of an email, or lack of it.
Of course, there is a “smell test”: does this email look like spam? Are there spelling or grammatical errors? Formatting disabled? Does this sound like a formal message or more informal? In most cases, if it appears to be fake, it probably is. However, this doesn’t always work, as seen in my experience here.
Also check who actually sent the email. It’s easy enough to fake the sender’s name, but the email address will always show up if you click on it. In my case, the address threw me off, but Google gave something. Turns out “firstname.lastname@example.org” is a real Microsoft support email.
It is unlikely that opening a spam email will do you any harm. It is the links within it (or any attachments) that are the real threat. You don’t want to click on the wrong URL, so it’s important to make sure the hyperlink is real before you open it. Thus, always hover over a link to show its true URL. In my case, all the links were pointing to legitimate Microsoft support pages, not a string of dreaded text and numbers leading to God knows where.
However, if in doubt, do not click on the links. Even though the hover trick was tested, I still avoided the link entirely. Instead, I went to the Microsoft website on my own and logged in from there, which allowed me to confirm that someone had hacked into the account. And never open attachments you don’t know.
Remember, Google is your friend. If the email is purporting to be from a large company like Microsoft, chances are other people have received it as well. There is a good chance they were asking about emails on forums or support pages and hopefully someone was able to figure out if the messages were fake or not.
The number of cyberattacks is on the rise, so it never hurts to be careful. Just make sure you’re not so careful to let other scammers through.