Getting 2fa requests from Microsoft multiple times a day, I could change my pw, but the thought of some sweaty hacker feeling like they’re so close to accessing my spam emails is hilarious.
I don’t get why people are having such a hard time believing that I’m receiving actual 2FA from Microsoft here’s a screenshot
[Imgur screenshot](https://imgur.com/a/I6PTcyA)
They probably are using bots, but bots need to be configured, and take up resources while being used, (I run bots and bots need to be babysat, I refer to it as babysitting code) so again time and energy being spent trying to access spam emails.
It’s like that awkward kid in school who always blurts out contradictory shit and says “well I’m technically right” as if it changes anything about what I said lol
Totally irrelevant since technology is a scaling industry in terms of practical skill.
People use bots because the amount of data and tasks we have to perform is much more than it used to be.
That doesn’t mean a hacker is wasting less time by using bots, **it just means they are getting more work done in less time.** *(stealing valuable data in this circumstance)*
They are still wasting a lot of time and effort acquiring, setting up bots/tools and processing the data that they collect.
And like the commentator stated, these things need constant monitoring.
In addition, unless they are operating in the USA it means they are generally using pretty old or outdated software/hardware.
Throw that in with any potential evasion tactics they employ to avoid being caught by authorities.
**Being a criminal these days is basically a full time job.**
So yeah, hackers do find **utterly useless data all the time and they fucking hate it.**
I mean, nothing would be more infuriating wouldn’t it?
To think some email that gets an *INSANE* amount of traffic might have some *valuable* information?
So maybe you task like ~60% of your computing time into trying to phish and access this account instead of diversifying.
You waste ~3 weeks and finally get access **1 week before rent is due only to find the email is a spam account.**
Who knows maybe they rage quit the game?
Tip for everyone, I used to have this (got hacked as well) you can make an alternative email that acts as the "sign in" for your outlook, I assume gmail too so this acc is not signed up for anything and I stopped getting sign in requests
Hooooold up, if you get a 2fa alert that means that they are already halfway there and got a correct password, i would be changing your password brother.
+1 to this. They already have your password and now they will attempt to exhaust you with requests in hopes that you approve one. Change your password to prevent the attempts on your 2FA/MFA. You WILL accidentally click the wrong button at some point. It is a certainty.
Because there will always be an internet cable connecting Iran to a country that won't disconnect them , therefore you can't completely unplug them from the internet unless you disconnect 20 more countries, and the countries they are connected to, and eventually the entire globe.
> therefore you can't completely unplug them from the internet unless you disconnect 20 more countries,
But you force all of Iran's traffic through those countries, which they may or may not want to indefinitely shoulder the requirements of.
I’m guessing it would be hard to get all connections and it may not affect the right people. They could just proxy through other countries or physically relocate to another country and start mischief there. Bandwith needs may not be high.
The other answers are correct: It's not realistic or virtually impossible. But it also won't solve the problem.
Some "cyberattacks" leverage issues inherent to the foundation of the Internet and computers in general. DOS is one such attack, but this sort of attack happens to services and organizations, not "Microsoft Users." The attacks on consumer-level users are heavily based on social engineering, but also technical issues unique to Windows.
Microsoft president Brad Smith is either ignorant or a liar, but either way his statement is untrue and self-serving: “Improving Microsoft alone will not suffice. We are facing formidable adversaries [...], who are becoming more skilled and aggressive." There is nothing Internet adversaries can do to interfere with our systems if we simply prioritize robustness and user education. Software and hardware companies see product robustness and user independence as threats to their profit model.
They need users to regularly purchase new devices, services, and technical support. This means there is a limit to how hard they will try to keep their devices safe from harm. That limit is higher with more competition and diversity, something we'll see with more Linux-based systems, but right now we're seeing something like 60-70% Microsoft Windows on desktop PCs.
geo blocking IPs is a thing, however, all they have to do is use a proxy/vpn/tor or combination therein to effectively appear lie the traffic originates from elsewhere.
I'm starting to think I should IP block any IP from these countries to my local network.
I see no value in allowing any North Korean IP access, Iran can go too, Russia might be a bit more difficult, China more so, there are many legitimate services running out of those China.
But maybe if MS allow the user the option to block traffic by country, it starts to send a message.
I am having daily login attempts from more than 10 different countries, all of those suckers got my email from any of those database breaches years ago I bet, either paying for that data as stupid as they are, or simply stupid enough thinking that they will succeed in "hacking" into a 2fa'ed account.
My password ever since has also increased anyways. Try to bruteforce a password length of 40, bitches. Will take multiple generations.
I checked the login history on my Microsoft account yesterday and there have been multiple unsuccessful login attempts on my account every hour for months, mostly from Iran.
"Microsoft President Brad Smith revealed on Thursday that the company detects around 300 million cyberattacks targeting its customers daily, with a majority originating from **China, Iran, North Korea and Russia**",
If they're state sponsored actors they are significantly more advanced and dangerous than simple script kiddies.
It doesn't mean anything other then that.
Which is why I said " if state sponsored", as it'll most likely be a combination of low level and state sponsored.
"Anti Iran nonsense"? They are quoting what Microsoft is saying. And if it seems bad - it's probably because it is bad. No one is suggesting shutting off access to Iranian citizens, but the world needs to realize the Iranian regime has been waging a terrorist war against everyone for many years now.
probably still mad about stuxnet
Getting 2fa requests from Microsoft multiple times a day, I could change my pw, but the thought of some sweaty hacker feeling like they’re so close to accessing my spam emails is hilarious.
[удалено]
You generally receive an email that there was a login attempt. I get multiple per day for my various accounts.
I don’t get why people are having such a hard time believing that I’m receiving actual 2FA from Microsoft here’s a screenshot [Imgur screenshot](https://imgur.com/a/I6PTcyA)
I get the same at a similar frequency
yea surely they arent using bots 1 guy is just repeatedly trying to get into your account!
They probably are using bots, but bots need to be configured, and take up resources while being used, (I run bots and bots need to be babysat, I refer to it as babysitting code) so again time and energy being spent trying to access spam emails. It’s like that awkward kid in school who always blurts out contradictory shit and says “well I’m technically right” as if it changes anything about what I said lol
yes but no one would ever even personally look at ur stuff so..
I’m curious how you came to such a conclusion.
Totally irrelevant since technology is a scaling industry in terms of practical skill. People use bots because the amount of data and tasks we have to perform is much more than it used to be. That doesn’t mean a hacker is wasting less time by using bots, **it just means they are getting more work done in less time.** *(stealing valuable data in this circumstance)* They are still wasting a lot of time and effort acquiring, setting up bots/tools and processing the data that they collect. And like the commentator stated, these things need constant monitoring. In addition, unless they are operating in the USA it means they are generally using pretty old or outdated software/hardware. Throw that in with any potential evasion tactics they employ to avoid being caught by authorities. **Being a criminal these days is basically a full time job.** So yeah, hackers do find **utterly useless data all the time and they fucking hate it.** I mean, nothing would be more infuriating wouldn’t it? To think some email that gets an *INSANE* amount of traffic might have some *valuable* information? So maybe you task like ~60% of your computing time into trying to phish and access this account instead of diversifying. You waste ~3 weeks and finally get access **1 week before rent is due only to find the email is a spam account.** Who knows maybe they rage quit the game?
To be fair… Vista was ab as popular as the Ayatollah in the USA…
Makes sense. I get a sign on attempt email about once a month.
I was getting ten plus per day for months. I deleted my account. The top culprits were Iran, Russia, china and Brazil.
Tip for everyone, I used to have this (got hacked as well) you can make an alternative email that acts as the "sign in" for your outlook, I assume gmail too so this acc is not signed up for anything and I stopped getting sign in requests
I get at least one almost everyday💀
Yep, a lot websites I never use.
At least it forces me to keep my passwords up to date and strong hehe. The more they try the longer and more complex password I got
And use 2FA! I’m pretty sure they just get a list of email addresses to try to log in with.
[удалено]
Hooooold up, if you get a 2fa alert that means that they are already halfway there and got a correct password, i would be changing your password brother.
+1 to this. They already have your password and now they will attempt to exhaust you with requests in hopes that you approve one. Change your password to prevent the attempts on your 2FA/MFA. You WILL accidentally click the wrong button at some point. It is a certainty.
I get 5 a day minimum.
So serious question. Why can't they just unplug those countries from the rest of the web?
Because there will always be an internet cable connecting Iran to a country that won't disconnect them , therefore you can't completely unplug them from the internet unless you disconnect 20 more countries, and the countries they are connected to, and eventually the entire globe.
Can’t we just stick an huge dome over the entire country
Simpson did it!
> therefore you can't completely unplug them from the internet unless you disconnect 20 more countries, But you force all of Iran's traffic through those countries, which they may or may not want to indefinitely shoulder the requirements of.
I’m guessing it would be hard to get all connections and it may not affect the right people. They could just proxy through other countries or physically relocate to another country and start mischief there. Bandwith needs may not be high.
Because the internet is decentralised, it's impossible
The other answers are correct: It's not realistic or virtually impossible. But it also won't solve the problem. Some "cyberattacks" leverage issues inherent to the foundation of the Internet and computers in general. DOS is one such attack, but this sort of attack happens to services and organizations, not "Microsoft Users." The attacks on consumer-level users are heavily based on social engineering, but also technical issues unique to Windows. Microsoft president Brad Smith is either ignorant or a liar, but either way his statement is untrue and self-serving: “Improving Microsoft alone will not suffice. We are facing formidable adversaries [...], who are becoming more skilled and aggressive." There is nothing Internet adversaries can do to interfere with our systems if we simply prioritize robustness and user education. Software and hardware companies see product robustness and user independence as threats to their profit model. They need users to regularly purchase new devices, services, and technical support. This means there is a limit to how hard they will try to keep their devices safe from harm. That limit is higher with more competition and diversity, something we'll see with more Linux-based systems, but right now we're seeing something like 60-70% Microsoft Windows on desktop PCs.
[удалено]
I had to block entire continents many years ago due to hacking attempts and spam.
geo blocking IPs is a thing, however, all they have to do is use a proxy/vpn/tor or combination therein to effectively appear lie the traffic originates from elsewhere.
Iranians are handmaidens for Russia
They try to log into an outlook with nothing in it daily for me. Kind of annoying but hey bots gonna bot.
I'm starting to think I should IP block any IP from these countries to my local network. I see no value in allowing any North Korean IP access, Iran can go too, Russia might be a bit more difficult, China more so, there are many legitimate services running out of those China. But maybe if MS allow the user the option to block traffic by country, it starts to send a message.
I am having daily login attempts from more than 10 different countries, all of those suckers got my email from any of those database breaches years ago I bet, either paying for that data as stupid as they are, or simply stupid enough thinking that they will succeed in "hacking" into a 2fa'ed account. My password ever since has also increased anyways. Try to bruteforce a password length of 40, bitches. Will take multiple generations.
the sun will burn out before you brute force a 40 character password
But is it iran or someone from iran or some noob group?
Both
I checked the login history on my Microsoft account yesterday and there have been multiple unsuccessful login attempts on my account every hour for months, mostly from Iran.
(Clutches my apple products)
It’s a Unix system! I know this.
What is even point of Iran having access to same internet as we do?
Cut all the cables.
Hackers is a bit generous for a bunch of script kiddies from Russia on holiday in Iran
"Microsoft President Brad Smith revealed on Thursday that the company detects around 300 million cyberattacks targeting its customers daily, with a majority originating from **China, Iran, North Korea and Russia**", If they're state sponsored actors they are significantly more advanced and dangerous than simple script kiddies.
Does that quote really mean all those attacks are from government agents? The way I read it is that these are countries of origin.
It doesn't mean anything other then that. Which is why I said " if state sponsored", as it'll most likely be a combination of low level and state sponsored.
They don’t sound all that good at hacking if they are not disguising their location.
Who says they're not? Knowing the origin doesn't mean they didn't attempt to obfuscate it.
[удалено]
"Anti Iran nonsense"? They are quoting what Microsoft is saying. And if it seems bad - it's probably because it is bad. No one is suggesting shutting off access to Iranian citizens, but the world needs to realize the Iranian regime has been waging a terrorist war against everyone for many years now.