
Someone is hard at work


Solved by Richard Burtov

Question

Krome

Hey guys,

 

Someone is trying hard to hack my Microsoft Live account. When I log into my Microsoft account, nothing is out of the ordinary. What should I do? Is this just phishing? I didn't click the link but hovered over it and it belongs to Microsoft. WOT does not report a red circle. Should I report to Microsoft? Should I be concerned? What would you guys do?

 


 


10 answers to this question

siah1214

Change your password, enable two factor authentication. 

  • Like 2
Krome

I have two factor authentication in place already. But I get those mails sent to my Gmail. Not sure what's going on.

The Evil Overlord

There is an option somewhere on the website to have a live chat with Microsoft,

I usually contact them via logging in to their (old) hotmail.com address (usually gets redirected) and then ask via the chat to find out what's going on.

Usually they'll lock out advanced features leaving only the basic send/receive mail for a month, after you give them new credentials to update your details.

After the month has passed you can get all the other features back automatically, (which I don't know what they are, as I don't use them)

They're actually reasonably helpful

(I went through a similar incident)

Richard Burtov

Have a look at the activity log in your MS account and that will show the IP addresses of where these are coming from.

Xahid

It's happening to me too (from Facebook/Gmail/Hotmail). I just report them (as it mentioned), and that works.

Obi-Wan Kenobi

Maybe, just maybe....you shouldn't have installed Windows 8 on a particular device with your account logged in, and then sold it. I can sell my laptop right now, but I'm still signed in, and the new owner wouldn't know any better. First thing they'd most likely do is refresh (thinking that they'd formatted C:). End users don't know that they need to sign into their own Microsoft account, all they see is an email address......then next....next....etc. I'm just throwing it out there, so don't hate me. It is a scenario, however. ;)

Krome

The Evil Overlord said:

> There is an option somewhere on the website to have a live chat with Microsoft,
>
> I usually contact them via logging in to their (old) hotmail.com address (usually gets redirected) and then ask via the chat to find out what's going on.
>
> Usually they'll lock out advanced features leaving only the basic send/receive mail for a month, after you give them new credentials to update your details.
>
> After the month has passed you can get all the other features back automatically, (which I don't know what they are, as I don't use them)
>
> They're actually reasonably helpful
>
> (I went through a similar incident)

Richard Burtov said:

> Have a look at the activity log in your MS account and that will show the IP addresses of where these are coming from.

Live account is very confusing. The best thing that I use that account is when I log into the mail.live.com directly or I will get lost. I got lost trying to find contact list. So attempting to contact Microsoft is a lost cause for me. If I can live chat with them or find IP activity, that would be good. Gonna have to play with the account.

Obi-Wan Kenobi said:

> Maybe, just maybe....you shouldn't have installed Windows 8 on a particular device with your account logged in, and then sold it. I can sell my laptop right now, but I'm still signed in, and the new owner wouldn't know any better. First thing they'd most likely do is refresh (thinking that they'd formatted C:). End users don't know that they need to sign into their own Microsoft account, all they see is an email address......then next....next....etc. I'm just throwing it out there, so don't hate me. It is a scenario, however. ;)

Thanks but I am a Windows 7 user. And yeah I do not like how that works. I mean the computer literally hooked itself to your mail account. Just a bad idea.

Tuskd

Had the same problem with my account too some months ago. There were repeated attempts to access my account from Florida and Singapore. Changed my password and they were gone.

This topic is now closed to further replies.