"Microsoft Account Unusual Sign-in Activity" Phishing Scam

  • Save
  • Comments: 33
  • Views: 66,822
  • Updated: September 28, 2019 2019-09-28T11:58:39
  • Date: September 8, 2016
 +
Microsoft Account Unusual Sign-in Activity Phishing Scam

Would you share this Article with others?

  • Yes (4)
  •       
  • No (0)   

The email message below: "Microsoft account unusual sign-in activity," is a fake. The email message was NOT sent by Microsoft and is a phishing scam created by cybercriminals to steal Microsoft, MSN, Hotmail, Live or Outlook usernames and passwords. Therefore, recipients of the fake email message are asked not to click on the links or follow the instructions in it. Microsoft email users who have received similar emails and who want to know if there is something actually wrong with their accounts, may go directly to www.outlook.com, www.hotmail.com or www.live.com and sign into their accounts. If there is something wrong, or if there is something that needs to be done on their accounts, they will be notified after signing in.

It is recommended that Microsoft Hotmail, Live or Outlook users never click on a link to sign into their accounts. They should go directly to www.outlook.com, www.hotmail.com or www.live.com sign-in from there instead.

The "Microsoft Account Unusual Sign-in Activity" Phishing Scam

From: Outlook Administrator messagecennterdebt@outlook.com
Date: September 8, 2016 at 8:46:48 AM EDT
Subject: Microsoft account unusual sign-in activity

Unusual Activity Detected

We detected something unusual about a recent activity to the Microsoft account. To help keep you safe, we required an extra security challenge. You will need to verify your Microsoft email account below to confirm that the recent activity was yours and to regain access and enjoy our unlimited service.

Verify Now

What happened?

Using a shared computer to access your account.

Logging in your microsoft account from blacklisted IP.

Not logging off your account after usage.

Thanks for using your Microsoft account to bring the people who matter most together in one place. You can change your connection settings anytime and find more ways to connect at businnesmn.com/content/themes/ fourteen/genericons/font/dirrect.php.

See you online,
The Microsoft team

The links in the phishing email message go to the following fake and phishing website:

  • businnesmn.com

If you were tricked into entering your username and password on the fake MSN / Hotmail / Live / Outlook webpage, please change your password immediately.

Click here to change your password.

For a list of other MSN, Hotmail, Live or Outlook phishing or fake email messages, click here.

Note: Some of the names, addresses, email addresses, telephone numbers or other information in samples on this website may have been impersonated or spoofed.

Please share what you know or ask a question about this article by leaving a comment below. Check the comment section below for additional information, if there is any. Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com. And, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent. Also, to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts (OTA) by paying a service fee. Click here to make payment.

Recommended by us:
Comments, Questions, Answers, or Reviews
(Total: 33)

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

The comments, reviews or answers below do not necessarily reflect the views of Online Threat Alerts (OTA).

  • August 14, 2019 at 9:46 AM by info

    "Hello,

    We Have Detected Unusual Activity With Your Windows Account on Your Computer.

    Login Has Occurred on 08/10/2019 @ 5:23 AM EST From IP: 128.58.457.54 Geo

    Location Found: Eastern Russia.

    If This Was Not You Please Call the Windows Security Team at 1-858-451-4210.

    (Be at your computer)

    Windows Security Team

    1-858-451-4210"

    Here is another scam.

    remove

  • August 13, 2019 at 12:47 PM by an anonymous user from Webster, New York, United States

    This appears to be another similar message:

    "Account unusual sign-in activity

    Hello,

    We Have Detected Unusual Activity With Your Windows Account on Your Computer.

    Login Has Occurred on 08/10/2019 @ 5:23 AM EST From IP: 128.58.457.54 Geo

    Location Found: Eastern Russia.

    If This Was Not You Please Call the Windows Security Team at 1-858-451-4210.

    (Be at your computer)

    Windows Security Team

    1-858-451-4210"

    remove

    • August 13, 2019 at 12:55 PM by info

      Yes, it is another scam.

      remove

  • July 12, 2019 at 8:14 PM by info

    "From: Microsoft <msa@communication.microsoft.com>

    Sent: Tuesday, July 9, 2019 9:52 AM

    Subject: Microsoft Office 365 Sign-In Activity

    Make business tasks easier | View it online

    Microsoft Office 365 Sign-In Activity

    Microsoft takes securing your email service seriously, your mail servers reported unusual email activity we'd like you to address, click to view reports below

    hxxp://ecyclingusa.com/wp-includes/js/dist/vendor/

    View Report

    Run and grow your business with these apps"

    Outlook Customer Manager

    Automatically organizes information,

    Here is another scam.

    remove

  • October 7, 2018 at 10:58 AM by info

    Here is another scam:

    "Security Information

    Outlook service <cindysaint-germain@hotmail.com>

    Today, 7:58 AM

    Dear subscriber,

    We have detected an unusual recent connection to your Microsoft account. For security reasons your mail will be temporarily blocked in order to continue using our services, please follow the procedure Click here

    Thank you for using our services

    Copyright 2018"

    remove

  • August 21, 2018 at 4:48 PM by info

    Here is another scam:

    "From: Outlook.com -Hotmail- Office Support <jgibb369@longviewbuildersclinics.com>

    Date: 21 August 2018 at 14:22:31 BST

    Subject: Temporary error: Email Delivery failed!

    e-Mail:

    Unusual sign-in activity

    Hello,

    We detected something unusual about a recent sign-in to the Microsoft account.

    Review recent activity

    The information in this electronic e.Mail message is private and confidential, and only intended for the addressee.

    Thanks,

    Nick Lane

    MicrosoftOutlook account team"

    remove

  • June 15, 2018 at 3:58 PM by an anonymous user from Fullerton, California, United States

    This must be a scam:

    "Microsoft account team <account-security-noreply@accountprotection.microsoft.com> Unsubscribe

    12:02 PM (1 hour ago)

    to me

    Microsoft account

    Unusual sign-in activity

    We detected something unusual about a recent sign-in to the Microsoft account *****@gmail.com.

    Sign-in details

    Country/region: Vietnam

    IP address: 115.79.32.243

    Date: 6/15/2018 12:02 PM (PST)

    Platform: Windows

    Browser: Firefox

    Please go to your recent activity page to let us know whether or not this was you. If this wasn't you, we'll help you secure your account. If this was you, we'll trust similar activity in the future.

    Review recent activity

    To opt out or change where you receive security notifications, click here.

    Thanks,

    The Microsoft account team

    remove

    • July 10, 2019 at 2:06 PM by an anonymous user from Ulster Park, New York, United States

      Just got this one. Different details, but same exact format. Figured it was a scam, email pushed it to my "junk" folder. Just looked over my MS account (not through their "Review Recent Activity" link, of course), everything looks normal. Figured I'd do some additional digging to be sure.

      Thanks for the info.

      remove

    • June 20, 2018 at 7:44 PM by an anonymous user from Halifax, Nova Scotia, Canada

      I got a similar email (claiming that my account was signed into from Vietnam as well, but a different IP address) - only, my account is with Gmail!

      They must have gotten something mixed up there...Usually such emails come from Google. I did click the link (silly me!) but didn't enter passwords or anything. Hopefully my computer will be okay...

      remove

      • June 20, 2018 at 10:10 PM by info

        Yes, you are OK.

        remove

  • May 30, 2018 at 8:31 PM by info

    Here is another scam:

    "From: Microsoft Office365 [account-security-noreply@accountprotection.com]

    Sent: Wednesday, 30 May 2018 1:10 AM

    Subject: Microsoft account unusual sign-in activity

    Microsoft account

    Unusual sign-in activity

    We detected something unusual about a recent sign-in to your Microsoft Office 365 account with email address .

    Sign-in details:

    Country/region: Russia

    IP address: 213.183.58.12

    Date: 9/01/2018 11:32 AM (PST)

    If this was you, then you can safely ignore this email.

    If you're not sure this was you, a malicious user might have your password.

    To help keep you safe, we required you to review your Office 365 E-mail account by sign-in into your Office 365 E-mail account, you will be introduced to new term of Microsoft service agreement that will strengthen the security of your Microsoft E-mail account.

    Review recent activity

    We'll help you take corrective action after you review has your Office 365 E-mail account.

    This message was sent to . To opt out or change where you receive security notifications, click here.

    Thanks,

    The Microsoft account team"

    remove

  • April 10, 2018 at 11:42 PM by info

    Here is another scam:

    -------- Original message --------

    From: Microsoft account team

    Date: 4/6/2018 5:04 PM (GMT-06:00)

    Subject: Your account will be deactivated

    Microsoft account

    Unusual sign-in activity

    This is to inform you that your request on: 04/04/2018 09:18:02.PM. to remove your account meweaz@*****.***

    from outlook.com server has been approved and will initiate in one hour from the exact time you open this message. Regards. ignore this message to continue with email removal or If this deactivation was not requested by you Please reply us. If You Receive

    This Message In Your Junk or Spam Its Due to Your Internet Provider

    remove

  • April 10, 2018 at 3:00 PM by info

    Here is another scam:

    "From: Microsoft account team <account-security-noreply@accountprotection.microsoft.com>

    Sent: Monday, April 9, 2018 11:45 PM

    Subject: Microsoft account unusual sign-in activity

    Microsoft account

    Verify your account

    We detected something unusual about a recent sign-in for the Microsoft account jn*****@msn.com. For example, you might be signing in from a new location, device, or app.

    To help keep you safe, we've blocked access to your inbox, contacts list, and calendar for that sign-in. Please review your recent activity and we'll help you secure your account. To regain access, you'll need to confirm that the recent activity was yours.

    Review recent activity

    Thanks,

    The Microsoft account team"

    remove

  • February 19, 2018 at 11:18 AM by an anonymous user from Houston, Texas, United States

    I got the same number being used in a hoax, but with a typo related to being a non-English speaker... what idiots!

    remove

  • December 15, 2017 at 11:07 AM by an anonymous user from Rockville, Maryland, United States

    account-security-noreply@ accountprotection.microsoft.com SAID I NEEDED TO SIGN IN TO MY ACCOUNT?

    remove

  • November 30, 2017 at 2:42 AM by an anonymous user from Edgware, England, United Kingdom

    My latest one was a lot more convincing. The hyperlink was to https://account.microsoft.com/activity that looks a lot more plausible.

    remove

  • October 9, 2017 at 10:45 AM by info

    Here is another scam:

    "From: ACCOUNT TEAM OFFICE <327453278@345nbd.com>

    Sent: Monday, October 9, 2017 7:53:29 AM

    To: team-member-noreply@outlook.com

    Subject: ID: 133 - Email Security Alert! (Oct. 2017) MT

    Unusual Activity Detected

    We detected something unusual about a recent activity to your e-mail account. To help keep you safe, we required an extra security challenge. You will need to verify your email account below to confirm that the recent activity was yours and to regain access and enjoy our unlimited service. Failure to verify will lead to permanent suspension of your account

    What happened? Verify Now

    Using a shared computer to access your account.

    Logging in your account from blacklisted IP.

    Not logging off your account after usage.

    Thanks for using your account to bring the people who matter most together in one place. You can change your connection settings anytime and find more ways to connect.

    See you online,

    The account team"

    remove

  • July 23, 2017 at 10:49 AM by info

    Here is another scam:

    "From: Microsoft.com account Team

    Sent: Sunday, 23 July, 08:49

    Subject: Customer ID: 1202: Microsoft account security warning

    To: account-security-noreply@account.microsoft.com

    Verify your account

    Dear user,

    We detected something unusual about a recent sign-in for your account. Might be due to the following reasons.

    1. A recent change in your personal information. (eg: address, phone)

    2. Illegal attempt to use your account from a different location.

    3. Virus attachment without specific recipient.

    To help keep you safe, we've blocked access to your inbox, contacts list, and calendar for that, please verify your account to regain access. Kindly sign-in from your regular device.

    Verify account now

    Please follow the security verification to keep your account safe.

    Thanks,

    Customer account team"

    remove

  • June 17, 2017 at 8:41 AM by an anonymous user from Glasgow, Scotland, United Kingdom

    "account-security-noreply@accountprotection.microsoft.com." Is this a genuine email from Microsoft?

    remove

    • September 17, 2017 at 3:00 PM by an anonymous user from Dudley, England, United Kingdom

      I had that same email address come though a few days ago, but the fact I could still access my email account meant it had to be bogus. Best thing is to try and log in from the outlook site, if you think the email is fake.

      remove

    • June 17, 2017 at 10:22 AM by info

      No. The address was created by cyber criminals to trick recipients of their scams into believing their fake or phishing email messages are real.

      remove

  • April 25, 2017 at 9:50 AM by info

    Here is another scam:

    "From: account-security-noreply@account.microsoft.com <pdedwards@optusnet.com.au>

    Sent: 25 April 2017 07:33

    Subject: Unusual sign-in activity!

    Microsoft account Receiver: helenwilson35@hotmail.com Security info replacement

    Someone started a process to replace all of the security info for the Microsoft account helenwilson35@hotmail.com

    If this was you, you can safely ignore this email.

    Your security info will be replaced with 447810683552 when the 30-day waiting period is up.

    If this wasn't you, someone else might be trying to take over helenwilson35@hotmail.com

    Click here and we'll help you protect this account."

    remove

  • March 23, 2017 at 12:30 AM by an anonymous user from Bathurst, New South Wales, Australia

    I have this phishing scam email pop up every time I open Live Mail. It must reside on my pc. There are lots of warnings about this scam but no information how to get rid of it. I have tried several anti-virus programs to no avail.

    How do I get rid of or block this scam email?

    Regards

    Mal

    remove

    • March 23, 2017 at 5:54 AM by info

      What does the phishing message says?

      <a href="/article/2013/1/13/adwcleaner-delete-adware-toolbars-potentially-unwanted-programs-browser-hijackers/">Click here</a> to try a program called AdwCleaner that I think can remove the Malware on your PC.

      And, if the program above does not work, try and uninstall and then reinstall Live Mail.

      remove

  • March 5, 2017 at 10:25 PM by an anonymous user from Boston, Massachusetts, United States

    Malicious popup to sign in to Hotmail to receive messages immediately after Firefox downloads. This happened after password was changed. Told twice to enter new password.

    remove

  • February 8, 2017 at 10:26 PM by info

    Here is another scam:

    "From: Message311.ByHotmail.311605@gw.novell.com

    Sent: February 8, 2017 9:48 AM

    Subject: E-mail Account Alert! [ID-KEF311]

    Unusual email account activity!

    Error-ID: [311-KE-311]

    We`re having a problem verifying your email account information.

    You might not be able to see all your email messages due to several security concerns. We will start working on fixing the problem as soon as you verify your account details.

    To ensure that your email service is not interrupted, we request you to confirm and update your information today by following the link below:

    (c) The Microsoft account team 2017"

    remove

  • December 8, 2016 at 11:53 AM by info

    Here is another scam:

    "From: Windows E-mail Service [mailto:bryanmark@terminal21sall.com]

    Sent: Thursday, December 08, 2016 4:07 AM

    To: noreplyoffice@msnteam.com

    Subject: Action Required: Mail on Stopped (Final Warning)

    Microsoft

    Unusual Activity Detected

    We detected something unusual about a recent activity to your microsoft e-mail account. To help keep you safe, we required an extra security challenge. You will need to verify your microsoft email account below to confirm that the recent activity was yours and to regain access and enjoy our unlimited service. Failure to verify will lead to permanent suspension of your account

    Verify Now

    What happened?

    Using a shared computer to access your account.

    Logging in your microsoft account from blacklisted IP.

    Not logging off your account after usage.

    Thanks for using your Microsoft account to bring the people who matter most together in one place. You can change your connection settings anytime and find more ways to connect at https://profile.live.com/services.

    See you online,

    The Microsoft team"

    remove

    • December 11, 2016 at 7:21 PM by an anonymous user from Jackson, New Jersey, United States

      Thank you. I received a message like that.

      remove

  • November 17, 2016 at 8:30 AM by info

    Here is another scam:

    "From: Outlook Team

    Sent: 16 November 2016 08:41

    Subject: Microsoft account unusual sign-in activity

    Your Account Will be Blocked

    Dear User,

    We are contacting you to inform you that our Microsoft Account Review Team identified

    some unusual errors in your Microsoft account profile. This may be due to the following

    Using a shared computer to access your Microsoft Outlook account.

    Logging in your Microsoft Outlook account from blacklisted IP

    Not logging off your Microsoft Outlook account after usage.

    In order to safeguard your account, we require that you confirm your Outlook Account

    Access the following link to complete the verification of your Outlook Account.

    Unblock Verify Now

    Thanks,

    Microsoft ID Customer Support

    Copyright 2016 Inc.

    All rights reserved. Terms of Service,

    Microsoft Account Team."

    remove

  • November 4, 2016 at 6:58 AM by an anonymous user from Carrollton, Texas, United States

    I got it and stupidly fell for it. The PRIMARY reason for this potential tragedy is that Microsoft has conditioned me to respond to such requests. From time to time, Microsoft decides to force password changes even though I will swear to God himself that my own account is blameless and not in need of action.

    It burns a *lot* of time and causes errors and sometimes extended expensive temporary loss of access when they do that. It happens so often, for NO REASONABLE CAUSE, that finally this time I shot myself in the foot when an imposter came calling.

    This dumbing down, sheep treatment by Microsoft has [somewhat] worn me into a dumb sheep. Their mantra of Deproductivity has claimed, for a moment anyway, one more victim.

    Microsoft designers in many, many, many technical regards the most technologically inept designers in history, and with the power that they yield, their ineptness inflicts untold damage on the world as they damage productivity.

    Before Microsoft, the U.S. ascended to superiority in all aspects of science and technology. Since Microsoft, that superiority has partially crumbled. Microsoft is a huge factor in that. Don't be fooled by clueless fanboy journalism. They are to a huge degree self-deluded imbeciles.

    I wish the Justice Department would quit jerking off and go ahead and bust their monopoly!

    remove

  • September 24, 2016 at 10:17 PM by info

    Here is another scam:

    "From: Outlook©

    Sent: ‎Saturday‎, ‎September‎ ‎24‎, ‎2016 ‎6‎:‎25‎ ‎AM

    Unusual Activity Detected

    We detected something unusual about a recent activity to your microsoft e-mail account. To help keep you safe, we required an extra security challenge. You will need to verify your microsoft email account below to confirm that the recent activity was yours and to regain access and enjoy our unlimited service. Failure to verify will lead to permanent suspension of your account

    Verify Now

    What happened?

    Using a shared computer to access your account.

    Logging in your microsoft account from blacklisted IP.

    Not logging off your account after usage.

    Thanks for using your Microsoft account to bring the people who matter most together in one place. You can change your connection settings anytime and find more ways to connect at https://profile.live.com/services.

    See you online,

    The Microsoft team"

    remove

  • September 20, 2016 at 9:32 AM by info

    Here is another phishing message:

    "From: AbdulMougheeth Halfawi

    Sent: Monday, September 19, 2016 9:19 PM

    Subject: Microsoft account unusual sign-in activity

    Welcome to new Outlook.com

    Due to the ongoing update in our system/server you are required to re-verify your account within 24 hours to enable us register your

    country/device in our database. Failure to re-verify your account will lead to account de-activation and you will no longer have access

    to many of the features for improved Conversations, contacts and attachments.

    Take a minute to re-verify your account for a faster, safer and full-featured Microsoft Outlook experience.

    Your security tight is our concern!

    Click here to re-verify your account

    Thank you for using Microsoft products and services."

    remove

    • September 21, 2017 at 1:26 AM by an anonymous user from Cardiff, Wales, United Kingdom

      I have had a similar email this morning about an old Microsoft account and email that I no longer use, plus I revived the same message via SMS. I didn't click any links as it looked phishy...

      remove

 Show More Comments (33)
Write Your Comment, Question, Answer, or Review
Write your comment, question, answer, or review in the box below to share what you know or to get answers. NB: We will use your IP address to display your approximate location to other users.
Your comment, question, answer, or review will be posted as an anonymous user because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

Online Threat Alerts (OTA)

"Microsoft Account Unusual Sign-in Activity" Phishing Scam