Share via

Received multiple Single Use code request email notifications: PLEASE ADDRESS MICROSOFT! This is not safe.

Anonymous
2022-01-20T20:18:06+00:00

I keep looking for a place on this website to speak to a Microsoft employee about this, but I can't find any obvious links. Something has been compromised for several of us, dating back to 2020 according to these forums and some reddit forums, but also more frequently in the last month.

I received single use code requests from Microsoft on 12/24/21, 01/03/2022, 01/07/2022, 01/14/2022, and yesterday 01/19/2022. The last two were not recorded in my security history.

The emails always state:

Hi [email address]We received your request for a single-use code to use with your Microsoft account.Your single-use code is: [Code]If you didn't request this code, you can safely ignore this email. Someone else might have typed your email address by mistake.Thanks,The Microsoft account team

"Someone might have typed my email address in by mistake." Is absolutely NOT a good excuse. They do not even advise you to check your security settings, most places say if the log in attempt wasn't you to contact them.

When I look into these notifications on my account, it says there was failed attempts at my password AND these two of these devices are in South Africa and Brazil. I live in the U.S. and I haven't logged into this account since I cancelled my Office 365 subscription around December 10, 2021.

Someone has my e-mail address and several other Microsoft users addresses and are attempting to log in to our accounts multiple times. I don't know that changing our account password will actually help and wonder if this is what the hackers want you to do.

I honestly want to remove my e-mail address to stop getting the notifications and redirect it to a different address but I'd have to create a whole new account just to do that.

Microsoft 365 and Office | Subscription, account, billing | Other | Windows

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments
Answer accepted by question author
  1. Anonymous
    2022-06-25T05:11:35+00:00

    I have faced the same issue as others on this thread: many single-use code emails, but no unauthorised log in attempts when I reviewed the access history.

    Why the problem was occuring:

    My primary email address was listed *on another Microsoft account* as a recovery email/method to receive a secure code to log in. I had forgotten that account existed, but once I logged into that account I could see many, many unauthorised attempts to log in (from a VPN presumably, since there were connections from everywhere).

    Solution that worked for me:

    Work out what old account I had set my email as a recovery account for. Log into that account and removed my email.

    Recommendation to Microsoft:

    • include information of which account is generating the single use code email
    • consider ways to improve security, since as per a previous post of mine, I have concerns that bad actors could brute force a 7 digit number 'password' with enough attempts/email addresses.
    606 people found this answer helpful.
    0 comments
Answer accepted by question author
  1. Anonymous
    2022-04-21T14:39:40+00:00

    I have been getting dozens of single code requests for the past month. I spoke to a Microsoft advisor through their live chat system. He said I had taken all the right steps (Changed Password and added Two Step Verification on the account AND enabling Microsoft Authenicator on my phone where I have to physically enter details to access my email account before any details are changed)

    He said I can safely ignore the emails as they won't get in. Just annoying.

    I advise you to follow what I have done.

    470 people found this answer helpful.
    0 comments

12 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2022-03-24T16:07:17+00:00

    I get this same email at least a few times a week. The email address that it goes to isnt even associated with a microsoft account.

    Is it possible this email is being used as a recovery account? How would I go about finding that out, and finding out which account it IS associated with?

    140 people found this answer helpful.
    0 comments
  2. Anonymous
    2022-03-25T10:29:34+00:00

    "When I look into these notifications on my account, it says there was failed attempts at my password AND these two of these devices are in South Africa and Brazil."

    ==> Can you share with me the steps to look into these notifications and see where these devices are located?

    111 people found this answer helpful.
    0 comments
  3. Anonymous
    2022-01-20T20:57:09+00:00

    Hello AnonH

    Hi, I'm Karl and will be happy to help you today.

    There is no way to prevent anyone from someone from attempting to log into any account (whether a Microsoft or any other account)

    If you want to prevent the ability to sign in using this email address, the process would be

    #1 - Create a <NEW> Outlook.com <alias> address for the account

    #2 - Make the new alias address the <primary alias> for the account

    Add or remove an email alias in Outlook.com

    https://support.office.com/en-us/article/add-or...

    #3 - Set the old email address so that it cannot be used to sign into the account using this link scrolling down to click on <change sign-in preferences>

    https://account.live.com/names/manage

    The following is a standard reply I give to those who ask about a sudden increase in <spam> and <unexpected> log in attempts which you may find of interest

    The usual source of a sudden increase in failed login attempts or spam mail received is that the email address was harvested by a hacker who breached a data base on a website where you subscribed to something. That database gets repeatedly sold to other hackers/spammers on the dark web.

    Many people think that hackers penetrate the actual Microsoft servers to gain access to email accounts when that isn't the case. Instead they gain access to an actual account via any number of other ways including phishing emails.

    You can check to see if the email address comes up on a breached database on the following website created/run by Microsoft MVP Troy Hunt.

    https://haveibeenpwned.com/

    Pwned websites

    https://haveibeenpwned.com/PwnedWebsites#Epik

    Other articles that may be of interest

    The 773 Million Record "Collection #1" Data Breach

    https://www.troyhunt.com/the-773-million-record...

    How Do Spammers Get My Email Address?

    https://www.lifewire.com/how-do-spammers-get-my...

    Protect your privacy on the internet

    https://support.microsoft.com/en-us/help/409145...

    *** if you find that the email address was on a breached website where a password was also entered, what you really do want to do is make sure that the same email address/password combination is NOT being used on other sites (i.e. Social Media, Facebook, Paypal, Amazon etc) and if that password is still the one being used on your email account - make sure to change it immediately. Not a question of <IF> a hacker will test those account(s) - just a matter of <WHEN>

    Required Forum Disclaimer: The above links is a non-Microsoft website. The pages appear to be providing accurate, safe information. Watch out for ads on the site that may advertise products frequently classified as a PUP (Potentially Unwanted Products). Thoroughly research any product advertised on the site before you decide to download and install it.

    285 people found this answer helpful.
    0 comments