Office 365 website loaded AD creds with bogus recovery email?

Tonst3r 1 Reputation point
2021-07-22T17:49:05.647+00:00

Hello,

This is a weird one, but my boss brought it to my attention and was hoping to gather thoughts/advice/etc.

So the Active Directory logins we use for the computers are separate/different from our Office 365 sign-ins. My boss went to sign in to Office 365 in his browser today, and it defaulted to showing his Active Directory / Computer login as the username. Underneath the "forgot password" link was a link to "Email xx****@Stuff .com". The first two letters were the same as his first name, but he doesn't have any similar gmail account. What's stranger is that there's no domain in his A.D. login, just letters, so this username didn't seem possible.

He called me to check into this out of concern. The Windows/Active Directory automatically filling in for the Office 365 login didn't seem too crazy on its own, but having the unknown email address linked to it worried him.

I went to login.microsoftonline.com and tried entering MY Active Directory name as the sign-in, instead of my normal Office 365 email. I tried my password, which of course didn't work, but then when I clicked "Forgot Password" it gave me the option to "Email a.****@verizon .net". My first name starts with A, so now I'm curious as well.

I tried making a new Microsoft account with just my Active Directory username to see if it said it's taken, but it told me you can't make an account without having "@something .etc", so how the heck does this account exist? My guess is it's related to other accounts having the same name as ours, maybe old ones migrated before Office 365, idk, but we figured it was worth asking if anyone is familiar with this situation. Our actual Office 365 accounts are all MFA protected, but it's concerning nonetheless.


1 answer

  1. VipulSparsh-MSFT 16,236 Reputation points Microsoft Employee
    2021-09-13T07:03:41.737+00:00

    @Tonst3r Thanks for reaching out and apologies for the delay on this.

    A work user account can have the @Stuff .com as a backup/recovery account. Were you able to investigate more on this?
    If you do not recognize the account, I am sure that has been removed by now and a newer one has been added which was verified.

    Do let us know about the status, so that we can help you accordingly.

    -----------------------------------------------------------------------------------------------------------------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.
