User receiving email about suspicious activity

A user of ours(an end user, trying to log in using magic link. I.e. not one of our own auth0 account users.) received an email about suspicious activity

The IP listed in the email was the users IP.
The account-name is ours.

What is the cause of this email?
Why is the end-user receiving this email?
How do we prevent it appearing again?

Thank you
// Javier

Hi @javier.ubillos,

Welcome to the Auth0 Community!

I understand that you have a user that encountered the Suspicious Activity message when trying to log into your application.

The reason this email is triggered is from Auth0’s https://auth0.com/docs/configure/attack-protection. These end-users may be blocked if they are found violating any of the following:

Then the end-user will receive an email to unblock themselves to remedy the blocking if it was a mistake.

If you would like to prevent these messages from appearing again, you can disable the Attack Protection features on your Auth0 Dashboard > Security > Attack Protection settings. But be mindful that this is not recommended and will run the risk of these attacks on your application.

Please let me know if you have any other questions.

Thank you.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.