If it keeps happening, prefers middle of the night (to where you live) hours, and you often get a really big batch in a row, then yes, it’s probably an attempted hack.
In any case, I would making sure your password is strong and isn’t reused anywhere else, and set up multi factor authentication…
Edit: It was pointed out to me that this has an approve/deny on it. Looks an awful lot like an MFA Fatigue attack. The attacker plans to keep doing it until you slip up and approve it accidentally while fumbling to unlock your phone at midnight sometime.
You should change your password immediately, if you haven’t already.
Weird. Sure looks like MS may be sending these without requiring your password. That’s…not great. Because of the fatigue attack aspect. See what you can configure. I would disable this function on my account, if I could.
Again, that’s if you’ve gotten dozens of these. If you got 3, it’s someone who mistyped their email as yours.
This is a common attack tactic, then, called MFA Fatigue. It also means they probably have Ops password already. Or Ops service provider is doing something dumb. (MFA requests shouldn’t be sent out without the other factor being known.)
People freak out when you point out their yew bush is super poisonous.
Like, I’m the bad guy for knowing that it only takes like 50 grams of leaves to kill a person and their is no antidote.
It is actually safe to ignore them. It means either someone has an email address similar to yours, or a bot of some sort has you email address and only your email address.
Essentially, someone or something goes to the login screen, enters your login, and says “I don’t have the password, let me in!”.
Sending a code to your email like this is the first step in letting someone in without the password, or more specifically to having them reset it.
Since the email is to check “did you ask for this?”, doing nothing tells them that you did not.
If you want some extra peace of mind: account.live.com/Activity should show you any recent login activity which you can use to confirm that no one has gotten in.
Also, use two factor, a password manager, and keep your recovery codes somewhere safe. The usual security person mantra. :)
This is all good information and seems well intentioned, but it’s worth pointing out in a post about account security that clicking links provided by others and giving it your login information is very unwise (even/especially links in emails like these). For the link you provided, it’d be better to recommend going through a primary microsoft page or login that can be confirmed by the user and getting to the activity history page from there
That is wonderful advice and I’m glad you pointed that out. :)
If I knew how to give directions to the page, I would, but unfortunately I don’t know the Microsoft site layout, only the URL that their help center directed to.
In mitigation of my indiscretion: it’s generally safer to trust a person you approach out of nowhere than to trust someone who approaches you out of nowhere.
Since they chose the venue and asked the question, the likelihood that an attacker is present in the replies is lower than the expectation that an unsolicited email is from an attacker.
But it’s also entirely correct to be distrustful of anything anyone asks you to click on, triply so if it involves security or login pages.
For MS guides there usually is an article under support.microsoft.com or learn.microsoft.com (usually more advanced, admin related documentation for company / enterprise level stuff) domains. Here’s an article for checking activity.
Yup, that would indicate that likely a bot is trying to guess it’s way in.
You are still safe.
The only weird thing here is that Microsoft lets such things bother you instead of guessing that you didn’t teleport to Brazil and instead putting a little extra burden on the Brazil end before sending you an email.
If you’re still feeling worried, the biggest thing you can do is enable two-factor auth (which you should do anyway), or even better: enable something like passkeys which are very secure and also easier than username/password.
Two-factor/password manager is the “remember to brush and floss” of the security industry, so… Please do those things. :)
You can create an email alias for your Microsoft account and then only enable login from that account. If you then do not use that email for anything but the login, you should be pretty safe from credential stuffing attacks.
I had a very similar issue with multiple failed login attempts and changing my login email stopped it right away.
Considering most of the attempts are from India and Brazil I suspect a service you signed up for has sold your email to unsavory data brokers and now a bunch of scam companies are doing that MFA attack on you
Maybe 10 or so years ago, was a real push to convert old malls into apartments or low income housing. Turns out it’s not that easy. Those buildings were built with minimal plumbing, just a few public restrooms and limited water service for the food court. There’s just not enough water/sewer to supply more than a small handful of apartments. You’d have to tear up significant portions of the building to run all new plumbing for all the kitchens & bathrooms. And that assumes the underlying city infrastructure that runs to the mall could even support the new water & sewage demands in the first place.
I’ll grant you, it is a cool idea. It’s just not nearly as simple as it sounds.
I like it because I use it for MELT in general. Prometheus generally does metrics and if you want to include logs, traces and events, it becomes more cumbersome. With the Otel collector, I can just update my collector configuration to point to the various services.
I’m not saying OP can’t use what you suggested, just stating what I would use.
with a $1000 budget they might want to consider building a computer as desktops usually provide better performance/per cost rather than buying a $1000 laptop
desktop pcs can also be small if a small form-factor like ITX or mini-ITX is chosen (although mini-ITX can be pricey)
building is incredibly easy as there’s a plethora of tutorial vids online and you’re less likely to get screwed over by an Original Equipment Manufacturer (OEM) or retailer
diy vs. buying a pre-built
the fediverse here also has an active community for support !buildapc
Hi there! Looks like you linked to a Lemmy community using a URL instead of its name, which doesn’t work well for people on different instances. Try fixing it like this: !buildapc
The one caveat to building is if you build a PC and a single component is faulty, you are now responsible for determining which component is to get the RMA done. That can be a big hassle. One time for me it was actually two different components that needed to be replaced by the manufacturers, and that was a pain to figure out.
that is definitely true however the added benefit is typically a longer warranty range as buying a laptop would typically mean that all components would be sold under a single flat warranty cycle/deadline
plus even if your computer is borked, you can still take it into a microcenter, memoryexpress, brick-and-mortor retailer to have their technicians figure it out the problem for a cost
I often have these time vs cost tradeoff discussions with my customers after they’ve been informed on the basics
Is he planning to also use the laptop as a laptop?
If not, there are small form factor PCs (especially if you’re willing to buy used business stuff) that don’t take up a lot of space that can be good options. Laptops have some features that are kind of nice on a server as well (the battery becomes a backup against power outages and you don’t need to remote access or plug stuff in to use it because it has a built in display and keyboard), but I don’t think they’re so nice that it’s usually worth buying a laptop just for that purpose. It’s more a reason that repurposing an old one makes sense. If you’re willing to pay the premium a new laptop adds, you can get some pretty low profile units.
I used to read a lot of books. And while not coming straight out and say this person is white or whatever I got that the characters where just like me and I think that is what all authors want without saying it straight out. The purpose of a book or story is to let the reader decide. Woke just reminds me of the new Jim Crow laws cry.
Ok again not promoting death. I just don’t get why we had a huge war against them and it seems like they are cropping back up in all aspects of society. When I learned about Africa killing poachers I was at first like WTF then thought they probably been having a war on them for a while. I am not justfying killing innocent civis but if I see a Nazi or the kkk beating the shit out of a race they do not like am I ok just to shoot them on sight even if I am not in danger and protecting the victim?
This scenario is very different from what I understood from your OP. I’m pretty sure that in the majority of the world, this would be legal. It’s what we call justifiable homicide.
kbin.life
Hot