Does the VM is reachable by a Public IP and protected by a NSG with an NSG Rule that allows RDP connections?
If so it's maybe helpful to deny the RDP connection in the NSG if not needed.
Also JIT might be an option: Secure your management ports with just-in-time access
Maybe this is helpful.
Regards
Andreas Baumgarten
(Please don't forget to Accept as answer if the reply is helpful)