If it keeps happening, prefers middle of the night (to where you live) hours, and you often get a really big batch in a row, then yes, it’s probably an attempted hack.
In any case, I would making sure your password is strong and isn’t reused anywhere else, and set up multi factor authentication…
Edit: It was pointed out to me that this has an approve/deny on it. Looks an awful lot like an MFA Fatigue attack. The attacker plans to keep doing it until you slip up and approve it accidentally while fumbling to unlock your phone at midnight sometime.
You should change your password immediately, if you haven’t already.
Weird. Sure looks like MS may be sending these without requiring your password. That’s…not great. Because of the fatigue attack aspect. See what you can configure. I would disable this function on my account, if I could.
Again, that’s if you’ve gotten dozens of these. If you got 3, it’s someone who mistyped their email as yours.
This is a common attack tactic, then, called MFA Fatigue. It also means they probably have Ops password already. Or Ops service provider is doing something dumb. (MFA requests shouldn’t be sent out without the other factor being known.)
Edit: There’s no approve link there. Just ignore these. If you got a lot of these, do setup MFA.
If it keeps happening, prefers middle of the night (to where you live) hours, and you often get a really big batch in a row, then yes, it’s probably an attempted hack.
In any case, I would making sure your password is strong and isn’t reused anywhere else, and set up multi factor authentication…
Edit: It was pointed out to me that this has an approve/deny on it. Looks an awful lot like an MFA Fatigue attack. The attacker plans to keep doing it until you slip up and approve it accidentally while fumbling to unlock your phone at midnight sometime.
You should change your password immediately, if you haven’t already.Weird. Sure looks like MS may be sending these without requiring your password. That’s…not great. Because of the fatigue attack aspect. See what you can configure. I would disable this function on my account, if I could.
Again, that’s if you’ve gotten dozens of these. If you got 3, it’s someone who mistyped their email as yours.
The message is multi-factor
Oh, I missed that in the gutter of the message.
This is a common attack tactic, then, called MFA Fatigue. It also means they probably have Ops password already. Or Ops service provider is doing something dumb. (MFA requests shouldn’t be sent out without the other factor being known.)Edit: There’s no approve link there. Just ignore these. If you got a lot of these, do setup MFA.
It’s not mfa fatigue. MS sends a code to the email. There is no accept or deny in the email.
Oh. Yep. That says “Archive”. I gotta stop reading here when I’m tired.