Answer the question
In order to leave comments, you need to log in
How can I create a Microsoft account on someone else's number?
Received several SMS with a code from Microsoft: "Use XXXXXXX as a security code." I didn't create any account, of course. A day later, I tried to recover the password to my phone number from my live.com account, saw someone else's name, date of birth, and several successful logins to various devices and providers in the account.
How could my phone get into someone else's account if you need to enter a code from SMS to confirm the creation of an account?
The phone is clean as far as I can tell. Of the applications that have access to SMS - only gapps, nothing more.
Answer the question
In order to leave comments, you need to log in
Enter your number - anyone can.
Probably that person received the activation code by E-mail or something else.
It seems to me that you did what is called "unauthorized access to someone else's account"; it is a crime, it is punishable. The fact that some idiot entered your phone number does not give you the right to intercept access to your account, change your password, etc.
Perhaps the rightful owner of the account will contact you - help him regain control of the account. Or contact M$ yourself and report the bug.
There are options.
For example, the user was the owner of this number some years ago, has already stopped using it, the number already belongs to the new owner, but Microsoft does not know anything about it.
Or the number was indicated at a time when it was not checked by SMS at all, and maybe even the phone number was an optional field that could easily be omitted or filled in with errors. After all, there were times when Microsoft did not have a single account, different databases could have very different data, and when merging an optional number, it got into the required ones.
There is an assumption that the code was chosen just by chance. That is, the attacker tried his luck and for several attempts entered the code that was sent to you.
Or he exploited a known SS7 vulnerability: https://xakep.ru/2017/05/05/ss7-attacks/
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question