Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

Risky Sign-In Capture for Email Client

Brass Contributor


If the "fraudster" somehow managed to set up the user account in an email client, without anyone noticing it. And the account is already in-sync with the Exchange server.

Will the risky sign-in features track such scenario? Since he no longer required to perform the manual "sign-in" process.


1 Reply



It always capture whether from Risky sign in or cloud app security. You can easily find out from MCAS if you know the user.


If you are asking about notification via email, it will notify you anytime accessing from unfamiliar location.


Sorry if I’m not understanding the scenario correctly!


Hope this helps!