Share via

I keep getting emails that say I am trying to login but this is not the case. Am I getting hacked? PLEASE HELP!

Faheem H/Digital IT/CITPL 0 Reputation points
2026-05-20T10:17:48.15+00:00

I keep getting this email that says.
We received your request for a single-use code to use with your Microsoft account.

Outlook | Web | Outlook.com | Account management, security, and privacy
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. DaveM121 882.3K Reputation points Independent Advisor
    2026-05-20T10:53:03.96+00:00

    Log into your Microsoft account on this link to check the recent activity on your account, do you find any attempted logins from locations/countries you do not recognize, and if so, is it indicated the attempted logins were successful.

    https://account.live.com/Activity

    Was this answer helpful?

    1 person found this answer helpful.

  2. AI answer

    2026-05-20T10:18:01.82+00:00

    Those emails usually mean someone (or an automated system) is repeatedly trying to sign in using the account name, not that they have successfully hacked the account.

    Key points and checks:

    1. Confirm the email is really from Microsoft
      • Legitimate verification-code emails come from the @accountprotection.microsoft.com domain.
      • For unusual sign-in alerts, the sender is typically ******@accountprotection.microsoft.com.
      • If the sender is anything else, treat it as phishing and ignore/delete it.
    2. Why you are getting codes when you did not try to sign in
      • Someone may be trying to access the account.
      • Someone may have mistyped their own email/phone and accidentally entered yours.
      • A code that arrives late could be from a request made some time ago.
      • As long as no code is entered by an attacker, the account remains protected.
    3. What to do right now
      • Do not respond to or use any verification codes you did not request.
      • Immediately sign in to the Security basics page and:
        • Review the Recent activity to see if there are unfamiliar sign-ins. If you see activity that is not yours, mark it as This wasn’t me or Secure your account where available.
        • Change the password to a strong, unique one if there is any doubt.
      • Check that the security info (alternate email, phone) is correct and belongs only to you.
    4. If you keep getting unrequested codes
      • Consider going passwordless (for example, using Microsoft Authenticator, Windows Hello, SMS/Email codes, or a security key) as described in the passwordless guidance. These methods are more secure and can reduce reliance on passwords that can be guessed or phished.
    5. If you suspect the account is already compromised
      • Follow the hacked/compromised account recovery guidance and complete the account recovery form with as much accurate information as possible.
      • After regaining control, remove any unknown aliases or security info and add trusted alternate email/phone.

    As long as the codes are not being used to complete sign-in, the repeated emails alone do not mean the attacker has access, but they are a strong signal to secure the account immediately and review recent activity.

    References:

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

    1 person found this answer helpful.
  3. Faheem H/Digital IT/CITPL 0 Reputation points
    2026-05-20T11:20:30.54+00:00

    someone has logged into my account from a place thats not my location

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.