Repeated microsoft password reset requests - Should I be concerned?

Discussion in 'privacy general' started by Alexhousek, Jun 14, 2020.

  1. Alexhousek

    Alexhousek Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    627
    Location:
    USA--Colorado
    Since the middle of last month, I have started receiving at least one Microsoft password reset e-mails a day, sent to my secondary e-mail address, regarding my primary e-mail address (MSN or Hotmail).

    These e-mails have no phishing-like links in. I believe them to be a legitimate password reset e-mails. Which means someone is repeatedly trying to reset my password.

    There appear to be no (recognizable) attempts to break into my secondary e-mail account.

    I am using the Authentication app for MSN/Hotmail email (2FA). I have changed my MSN email password once already (not using the email). Of course, my MSN password is also my primary MS password.

    Do I need to be concerned? What else do I need to do?
     
  2. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,305
    I have a simple hotmail account, which is secured by an Authy TOTP for 2FA, same as you. I have never seen a reset request in over a decade with that account. You don't need to post it here but I wonder if you are using a very common email address with a minor variation. If so maybe someone is similarly named and is transposing a number or letter. o_O - maybe. My 02
     
  3. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,067
    I have not experienced the problem that you mention but I have a gmail account, which is, for example,
    joe.bloggsATgmailDOTcom and I receive mail from time to time for joebloggsATgmailDOTcom
    Some of the mail is quite important like booking tickets etc or ordered things from the internet and even all the organizational work for a country bring and buy sale
    The dot should be taken into consideration and give me a unique email address but some times doesn't seem to be, so it may be you are receiving mail meant for someone else.

    ...or it's a password reset email scam
     
    Last edited: Jun 15, 2020
  4. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    13,930
    Location:
    Slovenia
    Gmail is specific in that regard as dots don't mean anything to them.
    So joe.bloggs and joebloggs are same account.
    More info here: https://support.google.com/mail/answer/7436150?hl=en
     
    Last edited: Jun 15, 2020
  5. Alexhousek

    Alexhousek Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    627
    Location:
    USA--Colorado
    Thanks everyone for your responses. The only thing that I can think of is that my wife got a new laptop and gave me her old one. Of course, she was the admin and the login was hers. So, I created a new user (myself) and gave myself an admin account. I now login with my MS account on that laptop. (I left her login on the laptop as well.) I can't see how logging into this laptop with my MS/MSN account has anything to do with me receiving password reset requests?

    The good news, however, is that as of 9:30 am, I've not received a password request email yet today.
     
  6. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,783
    Location:
    .
    FWIW ~ I've recently received one notice - for my seldom used Microsoft email address.
    png_6643.png
    png_6641.png
     
    Last edited: Jun 16, 2020
  7. Alexhousek

    Alexhousek Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    627
    Location:
    USA--Colorado
    I also received another one this morning at 1:55 am. It looks identical to the one above.
     
  8. sdmod

    sdmod Shadow Defender Expert

    Joined:
    Oct 28, 2010
    Posts:
    1,067
    Msoft killed an account of mine that I had from even before they took over H+tmail ( I was one of the first few to join) because I couldn't remember the lies that I told when first setting up the account. They said that the reason it was flagged was because of 'unusual behaviour'
    The robots wouldn't let me back into a decades old account. My fault for not jotting down my lies.
    I lost a lot of personal emails. :(

    Ah! for the days of Pine, Elm and RocketMail sigh
     
    Last edited: Jun 22, 2020
  9. kaljukass

    kaljukass Registered Member

    Joined:
    Apr 27, 2011
    Posts:
    159
    @Alexhousek - These e-mails have been sent for a long time, and they are all so-called false messages sent by malicious people to access your e-mail accounts in order to obtain more information about you. They are mainly interested in your bills and who sends you the bills and how you pay them. Also, whether you send invoices to someone yourself.
    You will usually be asked to change your password and then confirm it.
    Of course, the data will also be sent to those who sent you an email to change your password. Now that you do, you've given any people access to your accounts, meaning they're free to use your accounts.
    In general, they are particularly interested in invoices and invoice senders. If they know all of this, they will also know exactly when this invoice should arrive to you, and they are free to remove it from your mail and send a message requiring you to change your account number and pay the invoice to the new number. Of course, you don't know anything about it, and should a transfer be made through this invoice, it will be credited to another account sent from your inbox.
    I'm not going to tell you more about this, but REMEMBER - these are called phishing scams to gain access to your data.
    It's one old story, began about half year ago again.
     
  10. Alexhousek

    Alexhousek Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    627
    Location:
    USA--Colorado
    Thank you for your replies. As bjm_ demonstrated with his picture, these are legitimate emails from Microsoft. That means that someone is trying to access my msn email account. Of course, I would never click on a link in one of these emails (even if they are legitimate). However, after the first couple, I did login separately to my msn account and change my password. And, still the emails continue. I've also installed the "authenticator" app (Android) from Microsoft which serves as 2FA. At this point, there's not much I can do to stop someone from trying to reset my msn password (and from receiving the emails). It's just very disconcerting.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.