Holy moly. I changed my Microsoft Outlook password now and am in the process of looking at Microsoft recent activity. Every day there has been multiple unsuccessful attempts to log in to my account. And the attacks come from dozens and dozens of different countries around the world.
If you go to Microsoft account settings, there are several things you can do:
-
you can make up new email addresses associated with your account. I made one up, and I only use it for logging into the account, it’s the allowed one I CAN login with, and I never use it for email… so no one knows about it… now I never see attempts to login… because the scammers don’t know where to start for me… my old hotmail.com address which was exposed years ago no longer works for login
-
ask MSFT to require you to change your password every 72 days… why 72? Who knows? But I do that
-
Multi-factor authentication using an MFA app or hardware key!