Hi All,
We are receiving calls from employees that there accounts are being locked out. It has happened to two IT Admin aswell and we cannot find anything as to why this is happening.. it seems happen to one account at a time so we suspect someone is trying to access the accounts.
Without a successful login we cannot see where the account is trying to be accessed.
So my question is, is there any software we can deploy or GPO script we can use to track attempted logins?
Or any other good ideas are welcome..
P.s we had a senior member of the company the other day have a old work email spoofed and someone was sending out a email with malware on it to 57 email addresses which none of are linked to are company.
We are receiving calls from employees that there accounts are being locked out. It has happened to two IT Admin aswell and we cannot find anything as to why this is happening.. it seems happen to one account at a time so we suspect someone is trying to access the accounts.
Without a successful login we cannot see where the account is trying to be accessed.
So my question is, is there any software we can deploy or GPO script we can use to track attempted logins?
Or any other good ideas are welcome..
P.s we had a senior member of the company the other day have a old work email spoofed and someone was sending out a email with malware on it to 57 email addresses which none of are linked to are company.
Last edited: