Are Emails from ‘security-noreply-account@accountprotection.microsoft.com’ Safe?
There has been a lot of activity lately with many users getting emails from “account-security-noreply@accountprotection.microsoft.com” Address and they are confused about the authenticity of the email. This address seems a little different from the one most users are used to receiving emails from which leads to the users being at fence about trusting the email.
Doubts Regarding the Sender Address
The first doubt that sparked this debate came from a user who noticed that this sender’s address is a bit different from the one they are used to receiving emails from. The address that is usually used is “account-security-noreply@accountprotection.microsoft.com” while the address that is used to send these emails is “security-noreply-account@accountprotection.microsoft.com“.
The Second doubt arises from the fact that the content of this email indicates that the user’s account has been involved in some suspicious activity or it states that there has been some unauthorized login to your account due to which you need to navigate to the homepage, log in to your account and authorize the new login. This is a common trick that is used by phishers.
Are Emails from “security-noreply-account@accountprotection.microsoft.com” Safe?
The answer to this question can’t be pinpointed as there is doubt regarding the credibility of the account but nothing can be said for sure. It is best to examine the email to reach a conclusion upon the credibility of the account. It is recommended that for the sake of the safety of your account, don’t click on any links that are represented in this email and refrain from replying to the email at all.
We have given this verdict keeping in regards that although Microsoft lists this address as safe and approves it, there have been many reports from different sources that suggest that this is a very elaborate phishing attempt and targets users’ email accounts and gains access to all the associated apps/services to the email. After being conflicted with the information regarding this address, we decided to investigate on our own.
According to experts, the sender’s address that is shown in an email can easily be manipulated by hacking the users’ emails’ UI and programming it in such a way that it shows this particular email as the sender. Also, there are many other methods through which the perpetrator can show a specific email as the sender and fool the user into thinking that it is credible.
Alternative to the Problem
Since we can’t be a hundred percent sure about the authenticity of the email sender, it is recommended that instead of following the links in the email, you log in to your account manually after opening the site yourself and check if there is any mention of the unusual activity that the email suggested. Whenever there actually is any unusual activity regarding your account, it is also displayed on the log in page of the site.
If the login is prevented, it means that the email must be authentic and you really need to verify your identity to log in to your account. If the login is normal and everything seems fine, it must mean that the email was from a phisher and they meant to get access to your account.
You can also take a look at How to block Unwanted emails on your account. If you think your account is completely compromised, you can create a new email instead.