Review warning signs
Check unexpected MFA prompts, unfamiliar sign-ins, unknown sent email and suspicious password alerts.
Could your Microsoft 365 account already be at risk?
This self-check cannot confirm whether an account is compromised. It helps identify warning signs that should be reviewed by someone with the right Microsoft 365 admin access.

Use this quick guide before you ignore a warning sign, approve a request or keep a risky process running.
Privacy: answer in general terms only. Do not enter passwords, login codes, card numbers, bank passwords, ID numbers or private customer records.
Tick the statements that match your business situation. The result updates automatically.
Check unexpected MFA prompts, unfamiliar sign-ins, unknown sent email and suspicious password alerts.
Look for unknown forwarding, inbox rules, delegation or hidden mail handling.
Secure admin accounts, remove old staff access and review shared mailbox access.
If you see signs of unusual Microsoft 365 activity, do not ignore it. Your IT & Tech Mates can help review sign-ins, mailbox rules, admin access, MFA settings and recovery options.
No. It is a self-check for warning signs. A proper review needs admin access and the right account logs.
Start with unexpected MFA prompts, unfamiliar sign-ins, mailbox rules, sent mail and admin accounts.
No. Staff should only approve prompts they started themselves.