![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Outlook | Windows | Classic Outlook for Windows | For business
Using classic Outlook for Windows in business environments
Hello ZoeyOU
Hi, I'm Karl and will be happy to help you today.
While that is a type of message sent by Microsoft, there are many <phishing> scam emails being sent that look very realistic. You cannot go by the <from> address since a spammer can "spoof" this address to make it look like it's coming from wherever they want.
First thing to do is check the activity on your account for any unexpected log ins. If you don't see any, then the message is nothing more then a phishing scam. No one can change anything on your account without first signing into the account
https://account.live.com/Activity
If you do seen any unusual log ins, then check the security info for your account and correct it as required and then change the password to your account immediately
https://account.microsoft.com/security
The following is a standard reply I give to those who ask about a sudden increase in <spam> and <unexpected> log in attempts which you may find of interest
The usual source of a sudden increase in failed login attempts or spam mail received is that the email address was harvested by a hacker who breached a data base on a website where you subscribed to something. That database gets repeatedly sold to other hackers/spammers on the dark web.
Many people think that hackers penetrate the actual Microsoft servers to gain access to email accounts when that isn't the case. Instead they gain access to an actual account via any number of other ways including phishing emails.
You can check to see if the email address comes up on a breached database on the following website created/run by Microsoft MVP Troy Hunt.
Pwned websites
https://haveibeenpwned.com/PwnedWebsites#Epik
Other articles that may be of interest
The 773 Million Record "Collection #1" Data Breach
https://www.troyhunt.com/the-773-million-record...
How Do Spammers Get My Email Address?
https://www.lifewire.com/how-do-spammers-get-my...
Protect your privacy on the internet
https://support.microsoft.com/en-us/help/409145...
*** if you find that the email address was on a breached website where a password was also entered, what you really do want to do is make sure that the same email address/password combination is NOT being used on other sites (i.e. Social Media, Facebook, Paypal, Amazon etc) and if that password is still the one being used on your email account - make sure to change it immediately. Not a question of <IF> a hacker will test those account(s) - just a matter of <WHEN>
Required Forum Disclaimer: The above links is a non-Microsoft website. The pages appear to be providing accurate, safe information. Watch out for ads on the site that may advertise products frequently classified as a PUP (Potentially Unwanted Products). Thoroughly research any product advertised on the site before you decide to download and install it.