✓ This was a security awareness exercise

Don't worry — no account or password was stored.

The "Microsoft 365 unusual sign-in" alert you just received was part of an authorized phishing simulation run by [your organization / IT security team]. The email was simulated and the sign-in page was fake. The goal is to help everyone practice spotting suspicious emails before a real attack happens.

Account-security alerts are one of an attacker's favorite lures: they trigger both fear (your account is hacked) and urgency (you might get locked out), so you enter your password before stopping to verify. There was no harm this time — it's a great chance to practice.

What were the warning signs?

  • Fear + urgency: "unusual sign-in" and "prevent it from being locked" push you to act instantly.
  • The link wasn't an official domain: hover over the button (don't click) and check whether it's microsoft.com / login.microsoftonline.com or a lookalike.
  • It asked you to enter your password: to check your account, open the official site or your company SSO yourself — not a link in an email.
  • Convincing but unverifiable details: IP, location, and device can all be faked; they don't make an email genuine.

What to do next time

1. Pause. Don't rush to click links or enter your password.

2. To check account security, open the official site in your browser yourself — don't use the email link.

3. Turn on and trust MFA (multi-factor authentication) — even if your password leaks, it's another line of defense.

4. When in doubt, verify or report to [IT service desk / security contact]. Reporting is never penalized.

Thank you for taking part. Your alertness is the organization's best line of defense.