silversurfer

Level 50
Verified
Trusted
Content Creator
Malware Hunter
In this article we take a look at a phishing campaign that pretends to be an "Unusual sign-in activity" alert from Microsoft that could easily trick someone into clicking on the enclosed link.

With companies such as Google and Microsoft commonly sending users alerts when unusual activity has been discovered on their account, users may feel its normal to receive them and would then click on the enclosed link.

Attackers are capitalizing on this by sending emails that pretend to be "Microsoft account unusual sign-in activity" alerts from Microsoft. When compared to the legitimate email notifications sent by Microsoft, they look almost identical with the same information fields and even the same sender address of "account-security-noreply@accountprotection.microsoft.com".

Microsoft account unusual sign-in activity email

Microsoft account unusual sign-in activity email
Read more below: