Unwanted code

Question

I received an email from Microsoft with a requested single-use code. I never requested one. Can the location be found of the device where this was requested so I know I'm not being hacked?

Answer 1

Sign into the account here: https://account.microsoft.com, then go to Security to review the sign in activities. When you reviewed the account's sign in activities, Click into those labeled as "unsuccessful sign in", you can click on it to expand it to review the Session activity. If it is incorrect password, it won't generate a code. And there's nothing to worry about. If it is request denied xxx, that means this activity had your password entered correctly, and a code was generated, but it didn't pass the two factor verification. In the latter scenario, you want to change the password asap.

If you can NOT find any unsuccessful sign-in with the "request denied" labeling, it can mean that someone else left your contact information as their security info, usually due to typo. In this case, your account is not in any danger. Unfortunately there's also nothing you can do about it until this other user realized they needed to update their contact info.

Another way to find out which scenario is yours is to go to the account https://account.microsoft.com click on Security > Advanced Security options, set up authentication app instead. That way, if you continue to receive code via text or email instead, you would know 100% that it is NOT about your account, but someone else left your phone/email as their contact info due to typo.

Answer 2

A Microsoft verification code email that was not requested usually means one of three things: someone is trying to sign in as you, someone mistyped their email/phone, or a delayed code has finally arrived.

The location of the device that triggered the code request cannot be seen from the code email itself. However, Microsoft protects the account in these situations:

1. Do not use or reply to the unsolicited code.
2. Confirm the email is legitimate:
   • Valid verification-code emails come from the @accountprotection.microsoft.com domain.
3. Secure the account:
   • Go to the Microsoft account security pages directly by typing https://account.microsoft.com in the browser (do not use links in suspicious messages).
   • Change the password to a strong, unique one.
   • Review and update security info (phone numbers, alternate emails) and remove anything not recognized.
   • Turn on two-step verification or passwordless sign-in if not already enabled.
4. Check for unusual sign-in activity:
   • Use the Recent activity page (linked from the Security basics page) to review sign-ins and mark any that were not performed as “This wasn’t me.”

If more unrequested codes continue to arrive, treat them as a sign that someone may be repeatedly trying to access the account and keep all security info up to date. Without the code, an attacker cannot complete sign-in.

---

References:

• Can I trust email from the Microsoft account team?
• Troubleshoot Microsoft verification code issues
• Why is Microsoft texting me?
• Common problems with two-step verification for a work or school account
• What happens if there's an unusual sign-in to your account