Home Infrastructure account.msa.msidentity.com
This site failed important safety checks — please read this before going any further.
Be careful — Dangerous

No — account.msa.msidentity.com doesn't look safe

12/ 100 trust score
Industry: Infrastructure Checked Jul 10, 2026 Infrastructure average: 44 16 signals

In plain English

Do not trust this site. It presents as a Microsoft account login page but has an invalid SSL certificate, no registered ownership, and no history of existence. Your browser would show a security warning, and the site is effectively unreachable. This is not how Microsoft runs its login infrastructure.

What you should do now

Don't panic. These steps limit the damage, and the sooner you take them the better.

1

Don't enter any details

No passwords, card numbers or personal information — even if the site looks professional.

2

Close the tab

Especially if you got here from an email, text message or social media ad.

3

Already paid? Call your bank

Contact your bank or card provider right away. They can often stop or reverse a recent payment.

4

Warn others

Report the site and share this check with anyone who sent you the link.

N Partner pick
Better safe than sorry. Stay covered everywhere: NordVPN's Threat Protection blocks known scam sites before they load.
Try NordVPN →
Cross-referenced 16 live signals from Google Safe Browsing, VirusTotal, WHOIS and more on Jul 10, 2026. How we score →

Where the score comes from

We look at six areas. Here's how account.msa.msidentity.com did in each.
10
Security

This is the biggest red flag. The SSL certificate is invalid for this domain — it was issued for a long list of Microsoft properties but not for account.msa.msidentity.com. Your browser would show a security warning, and the site is unreachable because of it. For a login page handling passwords, that is a critical failure.

15
Identity

The WHOIS record shows no match for this domain, meaning registrant info is either hidden or the domain doesn't exist in the registry. Combined with no favicon, no web archive history, and no Trustpilot profile, there's basically no identifiable owner. A Microsoft login page should have clear corporate ownership.

40
Reputation

On the plus side, the domain isn't on any blacklists and Google Web Risk sees no threats. But there's no Wayback Machine history at all, and it's not in the top 1 million sites. The clean reputation signals are the only thing keeping this category from being a total loss.

10
Transparency

There's no favicon, no Trustpilot profile, and no contact or about information visible. For a site asking for your Microsoft account credentials, you'd expect clear branding and a way to verify who operates it. This site offers none of that.

15
Compliance

A legitimate login page from Microsoft would have privacy policies, terms of use, and cookie consent. This site lacks all of that, and the redirect sends you to a different domain entirely. That's not how a proper login flow works.

30
Infrastructure

The domain is hosted on Microsoft's own network (AS8075), which is consistent with a Microsoft service. But the SSL certificate mismatch, DNSSEC being off, and the redirect to a separate domain (login.microsoftonline.com) point to a misconfigured or incomplete setup.

What we checked

The 16 signals behind this report.
Security & Transport
Certificate Issuer
DigiCert Inc
Google Web Risk
Clean
SSL Certificate
Invalid
Site Reachable
Unreachable
Identity & WHOIS
Branding
Missing
Infrastructure & DNS
DNS Blacklists
Clean
DNS Resolution
8 IP(s)
DNSSEC
Not enabled
Email (MX Records)
None
Hosting Network (ASN)
AS8075 MICROSOFT-CORP-MSN-AS-BLOCK
Reputation & Reach
Sitemap
Not found
Tranco Rank
Not ranked
Trustpilot
No Trustpilot profile
Web Archive History
No archive found
robots.txt
Not found
Other
Site Redirect
Redirects to login.microsoftonline.com

Think this verdict is wrong?

Site owners can request a fresh scan. Scores update automatically as signals change.

If you landed on account.msa.msidentity.com and saw a Microsoft login screen, you might have assumed it was legitimate. But our investigation reveals a site that should not be trusted. The most immediate problem is the SSL certificate: it is valid for dozens of Microsoft domains but not for this one. That means your browser would warn you the connection is not secure, and the site is actually unreachable because of the mismatch. That alone is disqualifying for any login page.

Beyond the certificate, the domain has no identifiable owner in the WHOIS database, no history in the Wayback Machine, and no favicon — small signals that together paint a picture of something that does not operate like a real Microsoft service. The redirect to login.microsoftonline.com may look normal, but the underlying infrastructure is broken. For anyone asking 'is account.msa.msidentity.com a scam?', the evidence points to a misconfigured or abandoned domain that should not be used. Never enter your Microsoft credentials on a site with an invalid certificate, regardless of how official the branding looks.

More Infrastructure sites

How similar sites score. See all →