Microsoft account alert regarding unusual sign-in activity.

The message describes an unusual sign-in to a Microsoft account from Nepal (IP 103.186.197.166). This is a standard Microsoft security alert indicating that the account was accessed, or an attempt was made, from a new or unexpected location.

To respond:

1. Check recent activity
   • Go to the Recent activity page for the Microsoft account (for personal Outlook.com/Microsoft accounts, use the recent activity page referenced in the documentation).
   • Review the sign-in at the specified date, time, country/region, IP, and platform.
   • If the sign-in was not performed by the account owner, mark it as “This wasn’t me” where available.
2. Secure the account if the activity is unfamiliar
   • Immediately change the account password to a strong, unique password.
   • Add or confirm alternate email and mobile phone as security info so recovery is easier in the future.
   • Enable two-step verification / multi-factor authentication if not already enabled.
3. If sign-in was legitimate
   • If the account owner was traveling, using VPN, or a new device/app at that time, this alert can be normal. Confirm the activity in the Recent activity page and continue using the account.
4. Ongoing monitoring
   • Periodically review sign-in activity (for personal accounts via the recent activity page; for work/school accounts via the My Account → My sign-ins page) to detect any further unusual sign-ins.

If any email about this alert is in doubt, verify the sender: legitimate unusual sign-in alerts for personal Microsoft accounts come from the Microsoft account team at the domain @accountprotection.microsoft.com.

References:

• What happens if there's an unusual sign-in to your account
• Respond to unusual activity
• Help protect your Outlook.com email account
• View your work or school account sign-in activity from My Sign-ins