Recently I received two security alerts from Microsoft warning me someone had attempted to log into my account. The emails offered me links to review the activity and reset my password, as well as a link to learn about ways to make my account more secure. I’ll be honest, the emails seemed…off to me, and I almost dismissed them entirely. Spoiler alert: I soon determined they were legit. Someone had attempted to break into my account, and I almost let them get away with it because I assumed the security alerts from Microsoft were spam.
Microsoft’s security alerts might look like spam to you
Why did I think Microsoft security alerts were phishing attempts? First of all, this account wasn’t one I use often. In fact, I can’t remember the last time I logged into it. My thinking was, why this account, right now?
Second, they just seemed spammy. The design of the emails didn’t fit what I assumed Microsoft would put together. A big blue “Security alert” message at the top of one email and a “Unusual sign-in activity” on other didn’t line up with other text elements, which looked sloppy. Even the signature — “The Microsoft account team” — threw me, because I thought Microsoft would capitalise the full name. Speaking of which, while the email was sent from “Microsoft account team,” the email address read “[email protected].” Not damning, but it seemed overly complicated for an official email address.
So, I googled it, and found I wasn’t alone. There are support pages filled with people asking “Um, is this spam, or am I actually in trouble?” What turned the tide for me, though, was this Microsoft support page discussing why you might receive a security alert in Office 365, with an image of such an alert that looked identical to one of my emails. The purpose of the article wasn’t to confirm whether the alert was legitimate — that was a given, as far as Microsoft was concerned.
I decided to log into my Microsoft account. Lo and behold, someone had in fact gained access to it. Luckily, they didn’t seem to actually do anything with that power: I was able to log in and reset my password and security settings without issue. However, under my recent activity, I could confirm someone in Europe successfully breached the account, just as the security alert had warned me about.
How to tell whether that security alert is legit
In recent years, scammers have gotten clever about creating phishing emails that look official, which is why even a legit email from Microsoft can make you wary. However, there are some signs that look for that will give away the email’s authenticity, or lack thereof.
Of course, there’s the “smell test:” Does this email feel like spam? Are there spelling or grammar mistakes? Is the formatting off? Does it read like an official message, or more informal? In most cases, if it seems fake, it probably is. However, that doesn’t always work, as seen in my experience here.
Check who really sent the email, too. It’s easy enough to fake a sender name, but the email address will always appear if you click on it. In my case, the address threw me, but it gave me something to Google. Turns out, “[email protected]” is a real Microsoft support email.
Rarely will opening a spam email actually do you any harm. It’s the links within it (or any attachments) that are the real threat. You do not want to click on a bad URL, so it’s important to be sure a hyperlink is real before opening it. As such, always hover your cursor over the link to reveal its true URL. In my case, all links revealed legitimate Microsoft support pages, rather than a string of scary text and numbers leading God knows where.
However, if there’s any doubt, don’t click the links. Even though the hover trick checked out, I still avoided the link entirely. Instead, I went to Microsoft’s website on my own and logged in from there, which let me confirm someone compromised the account. And never open any attachments you don’t recognise.
Remember, Google is your friend. If the email is purportedly from a big company, like Microsoft, it’s likely other people received them, too. There’s a good chance they’ve asked about the emails on forums or support pages, and hopefully someone was able to figure out whether the messages were phony or not.
Cyberattacks are on the rise, so it never hurts to be careful. Just make sure you aren’t so careful you let other scammers through, too.