Suspicious login alert from an unknown location on a work account
Someone is trying to break into that account — act now. First, make sure it's really the employee by contacting them directly. Then change their password and turn on multifactor authentication so only they can log in.
When you see a login from an unknown location, someone with the password is trying to access the account — or they've already got in. Your employee's password was breached somewhere. Change it right away and add multifactor authentication so a password alone won't work. Then check their email to see if anyone has sent messages, deleted mail, or accessed files.
Fix-IT-Bot will walk you through each step — just tap, no typing needed.
Skip — I just want a technicianCommon mistakes to avoid
- Not changing the password fast enough — every hour an attacker has access is another hour they can steal data
- Changing the password but not enabling multifactor authentication — an attacker can guess the new password
- Not checking email for damage — the attacker can have already sent messages or deleted evidence
- Not telling the employee what to do if they're still getting suspicious prompts after the password change
Signs you need professional help
- You find emails the attacker sent to customers or external contacts — contact your IT support to investigate
- Suspicious logins continue after you change the password and enable multifactor authentication
- The employee's device has malware that keeps stealing passwords — you need professional removal
- You're not sure if customer data was accessed or need help notifying affected people
Book a technician
We can fix most issues remotely in 15 minutes. Weekend appointments — book your slot and we handle the rest.
Can't fix it yourself?
Most issues are resolved remotely in 15 minutes. Weekend appointments only — no parts, no in-home visit needed.