Received this today and 4 more almost identical from Microsoft today. It was me that responded to an earlier one but what struck me was their perception of my location.
Your password for the Microsoft account was changed on 18/11/2023 10:24 (CET).
If this was you, then you can safely ignore this email.
Country/region: Bangladesh
Platform: Windows
Browser: Chrome
IP address: 114.130.190.5
If this wasn’t you, your account has been compromised. Please follow these steps: 1. Reset your password. 2. Review your security info. 3. Learn how to make your account more secure.
You can also opt out or change where you receive security notifications.
David, if I read that correctly the info (Chrome, Bangladesh) refers to the person resetting the password.
Do you have a Microsoft account with that email address? If so, then I would log into it (obviously not using any links provided) and check everything is okay.
How will it manifest itself if it isn’t OK? I have used the email address several times since I changed the password, at their advice some days ago, with no problems.
Not sure how I log on to an MS account, never having, to my knowledge, done so before.
The question here though is whether or not David has an MS account, not whether or not it is necessary to have one. In David’s position I would potentially be worried in case someone in Bangladesh is helping themselves to MS add ons at my expense, I do not know if that is possible but perhaps the tech experts could advise on that. For instance could they be taking out Office 365 subscriptions for all their friends and relations (I do not actually know if 365 is still a thing).
I thought there was nothing wrong because it was me that changed the password at their suggestion so thought it was ok to ignore the email. But then they mentioned Bangladesh and Chrome, neither of which applied to me.
What harm can be done with having the email address, it is given to lots of people for legitimate reasons, apart from showering me with spam?
If I have understood correctly this is not about somebody having access to your email address, it is about somebody having access to your Microsoft user account, where you take out subscriptions to Microsoft products like Skype and they deduct a monthly payment.
Did you change the password by logging on to your account in your browser or did you use a link from the email? If you did it via a link from the email, close your browser, restart it and log on again through the browser and change it again immediately.
I’m confused, which isn’t unknown for me and anything connected to computers and the internet. I pay nothing to either Microsoft or Skype, it is so long ago that I didn’t even remember that I was connected to them… I must have been because I have a note of an MS password that I changed the other day after the initial email from them when they said there had been unusual activity on my account.
I don’t remember but I think I changed the password from a link in the email after hovering to see if it came from microsoft, it did.
When you say @John_Scully , close my browser and re-start it and then change my password you mean the pass word I put in every time I go into the browser and every time I leave the computer for 15 minutes or so and have to do it again? That is Firefox, is that what you mean? That is not the password I changed in answer to MS the other day, I never have to put that in.
David, never, ever open a link from an email you get from an unknown source. If you are not sure it’s safe don’t open one from known sources either. Did you click on the link in the email to change your password?
As I said above, I’m not sure which password you mean. The one that I have a record of as being for MS, but never have to use, or the one I use several times a day to open my Firefox browser.
If you mean the never used MS one, yes I must have done that from the email because otherwise I don’t know how to contact Microsoft. But I only dd that after hovering over the link to make sure it came from Microsoft. So obviously thought that that was not an unknown source.
You don’t need a password to open your browser. It’s just a window on the internet. You need passwords to access websites. If you use Microsoft as your email provider and have a 365 subscription the passwords are (should be) the same.
The key thing here is that you haven’t compromised your password(s) by going through a link from a suspicious email.
The portion of mail that David posted seems to contain legitimate links to Microsoft for things like password reset.
It’s a bit odd though
David - as others have suggested you are likely to have created a M$ account when you first set up Windows on your PC. If you google “Microsoft Account Login” you will find the link (or, if you trust me just go to https://myaccount.microsoft.com). Try to log in with your email and password if you recently set it.
Even if you haven’t paid for or given Microsoft or Skype your credit card details, I’d suggest checking that your Microsoft account hasn’t been compromised - especially if you use that account to access your emails. I’d normally suggest enabling 2FA as well.
I’ve received a fake email pretending to be from my partner’s mum’s partner, asking to transfer money but to not mention this publicly because allegedly he was embarrassed at having to ask. You don’t want to inadvertently have a scammer sending such requests to people in your address book. It was obviously fake in my case and easily spotted because they said something which wouldn’t make sense if they knew anything about the person they were impersonating.
Edit: It seems you do with Win11 Pro if it’s not installed from a deployment image, although it is trivial to bypass. I upgraded from Win10 Pro, where I didn’t require a Microsoft account, and the upgrade just happened without asking for a Microsoft account.
