Emails from Microsoft containing a 6-digit code are leaving recipients puzzled. These emails are genuine, but scammers are ultimately behind it all. This likely is to be what is known as a brute force attack by fraudsters who are attempting to access accounts by trying multiple passwords, sometimes with the help of automated software to scale their attack.
If you're worried about receiving a Microsoft single-use code that you didn't request and want to know what to do next, read on.
Microsoft single-use code’ email
The email is titled 'Your single-use code' and appears to be from Microsoft. It then tells you: ‘We received your request for a single-use code to use with your Microsoft account.’
It goes on to give you a 6-digit code and a message to only enter the code on an official website or app, not to share it with anyone and a reminder that Microsoft will never ask for it outside an official platform.
These codes can be genuinely requested by Microsoft account holders who need to verify their identity and gain access to their accounts, such as when logging in from a new device or location. If you receive this email and you didn't request the code it's because someone is attempting to access your account, and we think it's wise that you take steps to secure it.
We inspected the account activity of one recipient of the Microsoft ‘single-use code’ email and saw several login attempts from all over the world, including the US, Turkey, Greece, Russia and Brazil. Luckily, all attempts were unsuccessful and their account was still secure, but we advised them to change their password to be on the safe side.
Read more:
How scammers get your data
There are lots of ways a fraudster can access your personal information, such as email addresses and passwords.
Emails, texts and dodgy adverts online embedded with phishing links can steal your data by impersonating brands and asking you to enter your personal information on the phishing website. These messages can also contain links that download malware to your device and steal your information that way.
Scam callers impersonating companies and authorities will almost always ask you for your personal information at some point, so this is another way for fraudsters to steal your information.
Data breaches, where hackers have gained access to large amounts of personal data, such as by hacking into an organisation’s database, are also opportunities for scammers to gain your information.
Read more:Protecting your account
undefinedsource https://www.which.co.uk/news/article/are-the-microsoft-single-use-code-emails-legit-atemV2j9Rnen