ACSC Logo
© 2026 GEMXIT
GEMXIT Logo
Identity Security • Entra ID • Sign-in Risk

Using Impossible Travel Sign-ins to Teach Real-World Security Skills

A practical security briefing on identity anomalies, sign-in risk and what “impossible travel” events can reveal about compromised accounts in modern Microsoft environments.

Discuss your environment Back to briefings
Agent Foskett impossible travel sign-in briefing
Briefing summary

The login succeeded. The user looked normal. But the sign-in logs told a very different story — one that no person could physically explain.

Two distant locations
Successful authentication
Compromise hidden in plain sight

What happened

The account signed in successfully — but not credibly.
An impossible pattern appearedThe same user account showed a successful sign-in from Melbourne, followed shortly after by another from London. The activity was valid in the logs — but impossible in the real world.
The hidden riskBecause authentication succeeded, the activity could easily be overlooked. Without active review of sign-in behaviour, compromised access can blend in with normal usage.
Lesson learnedSuccessful login events do not always mean safe access. Identity security depends on context, patterns and risk signals — not just a green tick.
Reviewing Entra ID sign-ins, risk events or Conditional Access?
GEMXIT helps organisations interpret identity telemetry, strengthen access controls and turn sign-in data into practical security outcomes.
Contact GEMXIT
ACSC Logo  GEMXIT PTY LTD   GEMXIT UK LTD   © GEMXIT 2026

Agent Foskett Impossible Travel Sign-ins

This Agent Foskett cyber briefing covers impossible travel events, compromised accounts, identity telemetry and Microsoft Entra sign-in risk.

It highlights why successful authentication alone is not enough to prove trusted access.