![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Outlook | Web | Outlook.com | Account management, security, and privacy
Managing personal Outlook.com account settings, security, and privacy
Hello DominikaYS
Thank you for using Microsoft products and posting them in the community.
I understand that you are confused about the email you received from @accountprotection.microsoft.com, and I understand your feelings.
Based on the email domain alone, we cannot determine whether this is spam. Because Microsoft's official support points out that valid verification codes come from @accountprotection.microsoft.com email addresses.
In your current situation, it is recommended that you do not click on the email link for the time being, but check your account login record through the official account management window. If there are only one or two login attempts, it is possible that someone else logged in to the wrong account and made a request. If there are a large number of login attempts from unknown locations, it is recommended that you temporarily disable login access to your original login. You can temporarily hide your login from your Microsoft account for 3-5 days, and then reopen it after hiding for a period of time.
https://account.live.com/Activity
Click this link to sign in to your Microsoft account at https://account.microsoft.com/ , click [Your info]-[Account info]-[Edit account info] You can add an alias to your account in this interface and set the added alias as the primary alias. You can click [Change Login Preferences] below to uncheck the checkbox in front of your old account, this will make the old account name unavailable for login, which may prevent hackers from logging in constantly. You will also not be able to log in to your account with your old account name. In our tests, you may still receive emails with your old account name.
Note: Don't delete the alias unless you no longer need it. If your email address is an Exchange (for example, @hotmail.com、@outlook.com), after you delete it, you can no longer restore it. This means that you cannot receive the email that other people send to this address.
Usually, hackers don't attack the same account continuously, there is a duration of the attack, if your account doesn't exist for a long time, the hacker's automated attack script may not make any more access attempts. You can reset your original name to the primary alias after a certain period of time, we generally recommend that users hide it for 3-5 days.
In that situation, you can improve account security by doing the following. Change your account password to a combination of numbers, letters and special symbols. Verify that the account security information has not been changed and log out of the account in all locations. Check if the mailbox is configured with email forwarding rules or if the automatic forwarding feature is enabled.
- Reset a forgotten Microsoft account password - Microsoft Support
- Microsoft account verification codes and security info - Microsoft Support
- How to sign out of your Microsoft account on the go - Microsoft Support
- Turn automatic forwarding on or off in Outlook.com - Microsoft Support
I hope this information was helpful to you. If you have any questions. Feel free to let me know if my steps or understanding are wrong or if there is any progress on the matter.
Best wishes
Forry.F - MSFT | Microsoft Community Support Specialist