
Someone is hard at work


Solved by Richard Burtov

Question

Krome

Hey guys,

Someone is trying hard to hack my Microsoft Live account. When I log into my Microsoft account, nothing is out of the ordinary. What should I do? Is this just phishing? I didn't click the link but hovered over it and it belongs to Microsoft. WOT does not report a red circle. Should I report to Microsoft? Should I be concerned? What would you guys do?

 

siah1214

Change your password, enable two factor authentication. 

Krome

I have two factor authentication in place already. But I get those mails sent to my Gmail. Not sure what's going on.

The Evil Overlord

There is an option somewhere on the website to have a live chat with Microsoft,

I usually contact them via logging in to their (old) hotmail.com address (usually gets redirected) and then ask via the chat to find out what's going on.

Usually they'll lock out advanced features leaving only the basic send/receive mail for a month, after you give them new credentials to update your details.

After the month has passed you can get all the other features back automatically, (which I don't know what they are, as I don't use them)

They're actually reasonably helpful

(I went through a similar incident)

Richard Burtov

Have a look at the activity log in your MS account and that will show the IP addresses of where these are coming from.

Xahid

It's happening to me too (from Facebook/Gmail/Hotmail). I just report them (as it mentioned), and that works.

Obi-Wan Kenobi

Maybe, just maybe....you shouldn't have installed Windows 8 on a particular device with your account logged in, and then sold it. I can sell my laptop right now, but I'm still signed in, and the new owner wouldn't know any better. First thing they'd most likely do is refresh (thinking that they'd formatted C:). End users don't know that they need to sign into their own Microsoft account, all they see is an email address......then next....next....etc. I'm just throwing it out there, so don't hate me. It is a scenario, however. ;)

Krome

The Evil Overlord said:

> There is an option somewhere on the website to have a live chat with Microsoft,
>
> I usually contact them via logging in to their (old) hotmail.com address (usually gets redirected) and then ask via the chat to find out what's going on.
>
> Usually they'll lock out advanced features leaving only the basic send/receive mail for a month, after you give them new credentials to update your details.
>
> After the month has passed you can get all the other features back automatically, (which I don't know what they are, as I don't use them)
>
> They're actually reasonably helpful
>
> (I went through a similar incident)

Richard Burtov said:

> Have a look at the activity log in your MS account and that will show the IP addresses of where these are coming from.

Live account is very confusing. The best thing that I use that account is when I log into the mail.live.com directly or I will get lost. I got lost trying to find contact list. So attempting to contact Microsoft is a lost cause for me. If I can live chat with them or find IP activity, that would be good. Gonna have to play with the account.

Obi-Wan Kenobi said:

> Maybe, just maybe....you shouldn't have installed Windows 8 on a particular device with your account logged in, and then sold it. I can sell my laptop right now, but I'm still signed in, and the new owner wouldn't know any better. First thing they'd most likely do is refresh (thinking that they'd formatted C:). End users don't know that they need to sign into their own Microsoft account, all they see is an email address......then next....next....etc. I'm just throwing it out there, so don't hate me. It is a scenario, however. ;)

Thanks but I am a Windows 7 user. And yeah I do not like how that works. I mean the computer literally hooked itself to your mail account. Just a bad idea.

Tuskd

Had the same problem with my account too some months ago. There were repeated attempts to access my account from Florida and Singapore. Changed my password and they were gone.

This topic is now closed to further replies.