
Paul151985
Copper Contributor
Aug 14, 2022
Solved

OTP

Hi,

I just wanted to share this thing. I mean, we are all aware that passwords are lame. They can easily be hacked by a malicious individual. Then came the one-time PIN. We felt secure with this, either via our recovery email or our registered mobile number. Then we got comfortable doing almost all of our transactions online, including using Microsoft 365 as provided by our office org., in which we really handle confidential information. I already reported this to the I.T. team of our org. They replied by saying, "Did you try it?" I was thinking, were they (the local I.T. team) also curious about this? But nah, I don't think my org will allow such curiosity to play along when our work handles confidential information, video recordings and meetings. It happened several times. Just a while ago, I received this. You can tell the difference. Both work, but what I've noticed from the second picture: as I opened my email it routed me to "my account is at risk", so I immediately signed out. I'm gonna change my password. I'm thinking about this. I don't know, but I just wanted to share this.

Lovelots guys,

Pauline


6 Replies

  • irfanaspl
    Copper Contributor

    Your password may be known to someone if you have https://smsala.com/blog/sms-otp-for-your-customers/ enabled and you received a verification code. Were I you, I'd change your password, even though your account should not have been breached.

    Regards

    Irfan

    https://smsala.com

    • Paul151985
      Copper Contributor
      A good suggestion. Change the password from time to time. Thanks.
  • Harald_Wallus
    Copper Contributor

    Paul151985 

    I assume your account is at risk. The second screenshot is very strange. Looks like a phishing attack.

    You should inform your security master of disaster and ask what has happened.
    Azure currently is moving forward, fast, with authentication; OTP is legacy. Passwordless will be the next level. You can use passwordless with WHfB, with FIDO, with SmartCard, and with the MS Authenticator App password-less sign-in. All three must be configured by your admin team.

    • Paul151985
      Copper Contributor
      I informed them already. If this is phishing, then this is real-time phishing. They know how to attack at the exact time when an individual will open the account on a certain device. I received a form of phishing via email; that one was very obvious. After reading the content and checking the details of the link from which the email came, I immediately reported it to the concerned institution. With this one I was tricked, perhaps because of my busy day-to-day routine in my job.
      Thanks, by the way, for the reply. I will study your suggestion to better understand it.
      • Harald_Wallus
        Copper Contributor

        Paul151985 


        I'm not a specialist in hackers. But
        Microsoft has sent the code via SMS. SMS can be hacked by interception of the communication, e.g. using a "false base station", or by hacking the 'Personal Account' of the subscriber on the site or application of the cellular operator and forwarding all messages to the attacker's address.
        One of these could have happened.

        If you receive the Microsoft code, the attacker sends a second one, asking you to verify your login. I don't know how the hacker can then lead you to a fake site (maybe a proxy, whatever?). Then the attacker has your password.
        You have used the sign-in page of Microsoft, and you see your account is at risk. It looks like Microsoft Cloud App Security has detected a second login for your account, which looks strange because it is from another location, or it is from a non-registered device.

        This shows, we all have to move to passwordless authentication, because it is phishing resistant.


        Harald
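        Added illustration (not code from Harald, Paul, or Microsoft) of the point made above: a one-time code sent by SMS or generated by an authenticator app is just six digits, so the real site cannot tell whether the user typed it into the genuine page or into a look-alike page that relays it; a WebAuthn/FIDO assertion, by contrast, is signed over the origin the browser actually loaded, so the genuine site rejects anything produced on another origin. The HOTP routine follows RFC 4226; the origin-bound "signature" uses HMAC with a per-credential secret as a stand-in for the authenticator's private-key signature, and both origins are constructed for the example.

```python
import hashlib
import hmac
import secrets
import struct
from dataclasses import dataclass

# Constructed origins for the example: the genuine sign-in page and a look-alike.
REAL_ORIGIN = "https://login.example.test"
LOOKALIKE_ORIGIN = "https://login.example-secure.test"


# --- Factor 1: one-time code (SMS/TOTP style), RFC 4226 HOTP ---------------
def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian counter, dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def rp_verify_otp(secret: bytes, counter: int, submitted: str) -> bool:
    """The relying party only compares digits; nothing in the code says which
    page the user typed it into, which is why OTP is not phishing resistant."""
    return hmac.compare_digest(hotp(secret, counter), submitted)


# --- Factor 2: origin-bound assertion (WebAuthn/FIDO style) ----------------
@dataclass
class Assertion:
    origin: str        # origin the browser observed when it asked for the assertion
    challenge: bytes   # challenge issued by the relying party
    signature: bytes   # signature over (origin, challenge); HMAC stand-in here


def _client_data(origin: str, challenge: bytes) -> bytes:
    # Real WebAuthn signs clientDataJSON, which carries the origin; modelled minimally.
    return origin.encode() + b"|" + challenge


def authenticator_sign(cred_key: bytes, challenge: bytes, origin: str) -> Assertion:
    """The browser, not the page, supplies the origin, so the page cannot lie about it."""
    sig = hmac.new(cred_key, _client_data(origin, challenge), hashlib.sha256).digest()
    return Assertion(origin, challenge, sig)


def rp_verify_assertion(cred_key: bytes, expected_challenge: bytes,
                        assertion: Assertion, rp_origin: str = REAL_ORIGIN) -> bool:
    """Relying-party checks: origin must be ours, challenge must be the one we issued,
    and the signature must cover both."""
    if assertion.origin != rp_origin:
        return False
    if not hmac.compare_digest(assertion.challenge, expected_challenge):
        return False
    expected = hmac.new(cred_key, _client_data(assertion.origin, assertion.challenge),
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, assertion.signature)


# --- The scenario from the thread, modelled in-process ---------------------
def otp_accepted_when_relayed() -> bool:
    """User reads the genuine code and types it into the look-alike page, which
    forwards the digits unchanged; the real site has no way to reject them."""
    secret, counter = secrets.token_bytes(20), 42
    typed_into_lookalike = hotp(secret, counter)
    return rp_verify_otp(secret, counter, typed_into_lookalike)


def assertion_accepted_when_relayed() -> bool:
    """Same relay, but the browser signs over LOOKALIKE_ORIGIN, so the genuine
    site's origin check fails even though the challenge itself was relayed."""
    key, challenge = secrets.token_bytes(32), secrets.token_bytes(32)
    assertion = authenticator_sign(key, challenge, LOOKALIKE_ORIGIN)
    return rp_verify_assertion(key, challenge, assertion)


def assertion_accepted_on_real_origin() -> bool:
    """Control case: the same flow on the genuine origin verifies."""
    key, challenge = secrets.token_bytes(32), secrets.token_bytes(32)
    assertion = authenticator_sign(key, challenge, REAL_ORIGIN)
    return rp_verify_assertion(key, challenge, assertion)


if __name__ == "__main__":
    print("OTP accepted after relay:      ", otp_accepted_when_relayed())
    print("FIDO assertion accepted (relay):", assertion_accepted_when_relayed())
    print("FIDO assertion accepted (real): ", assertion_accepted_on_real_origin())
```

        The detection side in the thread ("your account is at risk") is the fallback when the factor itself cannot refuse: once the code verifies, only signals such as location or an unregistered device remain to flag the session. An origin-bound credential removes the need for that fallback for this class of attack, which is the sense in which passwordless FIDO sign-in is called phishing resistant.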
