Is Accountprotection.Microsoft Email A Legitimate Sender Of Security Alerts?

399    Asked by DianeCarr in SQL Server , Asked on Aug 3, 2023

 I want to know if the emails from “account-security-noreply@accountprotection.microsoft.com” are valid or fake? The internet has various data about whether the emails are valid or not. Microsoft’s website states that it’s their legitimate sender address for account activity alerts. A valid email message must arise from the Microsoft team at account-security-noreply@accountprotection.microsoft.com. However, the Georgia college help desk states the email address and sender as a phishing attempt. It seems to be from Microsoft as a security alert calling you to revalidate the account. Avoid clicking on any links and erase them. In case you have clicked on the email, reset the password. From: Microsoft account team account-security-noreply@accountprotection.microsoft.com


Answered by Diane Carr

It is not advisable to trust a sender address as correct when it’s from accountprotection.microsoft email. These mails are mostly fake. The SMTP protocol helps the creator of the email to define the sender address. There is no authentication that the sender really manages that email address. When the receiving mail server executes any kind of sender authentication, such as verifying the IP address of the sender matches the domain name they state to be from, there are few quirks in the UI of various email readers that can be used to show a mail address as the sender’s name. When you get any email that states that you require to do something on an account on any site, then look at the URL the link leads to. The domain name states who manages the link. The domain name refers to the thing that appears before the first slash.


When you feel that the link is okay, click on it and you can see a login form that looks valid initially, and did not install any malware deploying drive-by download, then you can also verify whether the site is loaded over HTTPS and verify whether the certificate is really signed for the agency the website claims to be. There are few guidelines to identify the phishing attempts, You must observe signs such as broken images and non-functional links. However, this is not good since it is grounded on the belief that every phisher is a webmaster. You must focus on the things they can’t fake with enough effort.

The SQL Server Online Training at JanBask Training offers experience like offline classes, saving students from the hassle of traveling to the physical location. The training provides a total SQL Server discipline preparation by teaching the core concept and techniques that the job role demands. The training also gives extensive training to impart fundamental and advanced concepts through interesting e-tools and expert-led SQL Server classes. Furthermore, JanBask raining helps you get job-ready and face the tough competitive market with confidence.



Your Answer

Interviews

Parent Categories