Overview
Your account was flagged as high-risk in Microsoft 365 due to suspicious activity, which could indicate an attempted compromise. While we've already reset your password and ensured Multi-Factor Authentication (MFA) is enabled, it's important to understand how to prevent this from happening again. Below are some tips and best practices to help you keep your account secure moving forward.
Why Was My Account Flagged?
Microsoft 365 flags accounts as high-risk when unusual or potentially malicious activity is detected. This can include:
-
Sign-ins from unfamiliar locations or devices.
-
Use of anonymous or malicious IP addresses.
-
Leaked credentials found on the dark web.
-
Suspicious inbox rules (e.g., auto-forwarding emails externally).
-
Unusual patterns, such as rapid logins from geographically distant locations.
These flags are not always your fault but are a sign that attackers may be targeting your account.
What You Can Do to Prevent This in the Future
1. Use Strong Passwords
-
Create a strong password with at least 12 characters, including a mix of uppercase letters, lowercase letters, numbers, and special characters.
-
Avoid using easily guessed information like birthdays, names, or common words.
-
Never reuse passwords across multiple accounts. If one account is compromised, others could be at risk.
-
Consider using a password manager to securely store and generate unique passwords.
2. Be Cautious with Emails
Phishing attacks are a common way attackers gain access to accounts:
-
Do not click on links or download attachments from unknown or unexpected emails.
-
Verify the sender’s email address carefully—attackers often use addresses that look similar to legitimate ones.
-
If an email asks for sensitive information (like your password), it’s likely a phishing attempt. Report it to IT immediately.
3. Secure Your Devices
-
Keep your devices updated with the latest software and security patches.
-
Use antivirus software and ensure it’s up to date.
-
Avoid using public Wi-Fi for work-related tasks unless you’re connected through a Virtual Private Network (VPN).
4. Monitor Your Account Activity
Stay alert for signs of suspicious activity:
-
Notifications about logins from unfamiliar locations or devices.
-
Unexpected changes to your email settings, like new forwarding rules or deleted messages.
-
Files being modified or accessed without your knowledge.
If you notice any of these signs, report them to IT immediately.
5. Avoid Using Shared or Public Devices
Logging into your work account on shared or public devices increases the risk of compromise:
-
Only use trusted devices for accessing work accounts.
-
If you must use a shared device, ensure you log out completely and clear browser data after use.
Additional Tips for Staying Secure
Enable Self-Service Password Reset (SSPR)
If available, register for Self-Service Password Reset so you can securely reset your password without needing IT assistance in the future.
Notify IT Before Traveling
If you plan to travel internationally or use a new device, let IT know in advance. This can help avoid false positives that might flag your account as high-risk.
Be Mindful of Legacy Applications
Avoid using older applications that don’t support modern authentication methods. These apps are less secure and more vulnerable to attacks.
Why These Steps Matter
By following these best practices, you reduce the chances of being flagged as high-risk in the future. Keeping your account secure not only protects your personal data but also ensures the safety of our organization’s resources and information.
If you have any questions about these steps or need further assistance, don’t hesitate to ask the help desk team!