• Hey there! Welcome to TFC! View fewer ads on the website just by signing up on TF Community.

Phishing/ Scamming attempt

Apply For Lifetime Free IDFC First Credit Card
C

Card_Crafter

TF Ace
Received these emails today early morning. I don't have Microsoft account on my personal email Id but sometimes login to office Laptop which has official Microsoft account.

Second email (recover account) and SMS were triggered when i clicked on the first email link and closed without entering anything.

Have done a proper security check, couldn't find any suspicious activity on my Google account.


1000068311.jpg

1000068312.jpg

1000068314.jpg

1000068316.jpg
 
Apply For LTF AU LIT Credit Card
Dr. Drake said:
haveibeenpwned.com

Have I Been Pwned: Check if your email has been compromised in a data breach

Have I Been Pwned allows you to search across multiple data breaches to see if your email address or phone number has been compromised.
haveibeenpwned.com haveibeenpwned.com

check if you're details got leaked recently or regular scam attempt
Click to expand...
No recent data leak activity. Four previous data leaks were way back from 2017-21 periods. Culprits were Big basket, Canva, Zomato and Flipkart.

Already knew about these leaks thanks to Google One.
 
P B R G said:
Received these emails today early morning. I don't have Microsoft account on my personal email Id but sometimes login to office Laptop which has official Microsoft account.

Second email (recover account) and SMS were triggered when i clicked on the first email link and closed without entering anything.

Have done a proper security check, couldn't find any suspicious activity on my Google account.


View attachment 39592

View attachment 39593

View attachment 39594

View attachment 39595
Click to expand...
Maybe hacked due to cookie spoofing?
 
You are most probably not hacked. Maybe they got your id from somewhere and this was a way for them to get to your password too.

What I find suspicious is, why is Microsoft informing you about unusual activity on your gmail account? Is this some feature of Microsoft authenticator? Never heard of this tbh outside of scam emails. IGNORE

That link in sms is genuine microsoft link, so there's that.

Have you created your microsoft account using a gmail? If that's the case then that explains why microsoft is informing you about it. It is probably that someone tried to login to your microsoft account, so you would need to review your microsoft account activity. Do it either a mobile you trust or a computer you trust. Don't use this link.

Only advice if you want to be cautious be that delink that email id with any of the ecom sites. If possibe do it with banks too but would be too much trouble for little benefit if any. Considering that you don't store your cards on ecom sites as you mentioned it in another comment, it would be pretty hard for the thieves in this instance to use your credit card, as they would require cvv to use in places where the card isn't tokenized already.
 
Last edited:
Okay, so I have decided to recheck this activity once again after the above comments.. and guess what.. there is an (Inactive) Microsoft account associated with my personal email id and all these years i didn't even know. Maybe it was created during my college days. But no personal info, data or subscriptions are added/active. So i have reset the password and sent out a request for Account Closure. Within 30 days it should be permanently closed.

Noticed there were too many login attempts from the same Germany IP address.

@Pankhuri @abhinav_
 
P B R G said:
Okay, so I have decided to recheck this activity once again after the above comments.. and guess what.. there is an (Inactive) Microsoft account associated with my personal email id and all these years i didn't even know. Maybe it was created during my college days. But no personal info, data or subscriptions are added/active. So i have reset the password and sent out a request for Account Closure. Within 30 days it should be permanently closed.

Noticed there were too many login attempts from the same Germany IP address.

@Pankhuri @abhinav_
Click to expand...
Somebody must have gotten it in some data breach and is trying to use it probably.

Or the more likely scenario is someone with similar name is typing your account address when logging in. That also happens a lot, and is usually the case with multiple login tries from a same place, caveat being the login attempts were separated over a time period and not just by mere seconds.
 
You must log in or register to reply here.

Similar threads

L
  • Question Question
BEWARE phishing scam for hdfc
2
Replies
26
Views
17K
hygull
hygull
Back
Top