Phish Bowl Alerts
If you receive a security alert from Microsoft and are concerned about its source, you'll know it's legitimate if it's from the Microsoft account team and sent from the address account-security-noreply@accountprotection.microsoft.com, like the following example.
Learn more on Microsoft's support page What happens if there's an unusual sign-in to your account.
From: Microsoft account team <account-security-noreply@accountprotection.microsoft.com>
Date: March 24, 2021 at 3:36:33 AM EDT
To: josiah.carberry@gmail.com
Subject: Microsoft account security alert
Microsoft account
Security alert
We think that someone else might have accessed the Microsoft account jo*****@gmail.com. When this happens, we require you to verify your identity with a security challenge and then change your password the next time you sign in.
If someone else has access to your account, they have your password and might be trying to access your personal information or send junk email.
If you haven't already recovered your account, we can help you do it now.
[ Recover account ]
Learn how to make your account more secure.
Thanks,
The Microsoft account team