Since the middle of last month, I have started receiving at least one Microsoft password reset e-mails a day, sent to my secondary e-mail address, regarding my primary e-mail address (MSN or Hotmail). These e-mails have no phishing-like links in. I believe them to be a legitimate password reset e-mails. Which means someone is repeatedly trying to reset my password. There appear to be no (recognizable) attempts to break into my secondary e-mail account. I am using the Authentication app for MSN/Hotmail email (2FA). I have changed my MSN email password once already (not using the email). Of course, my MSN password is also my primary MS password. Do I need to be concerned? What else do I need to do?
I have a simple hotmail account, which is secured by an Authy TOTP for 2FA, same as you. I have never seen a reset request in over a decade with that account. You don't need to post it here but I wonder if you are using a very common email address with a minor variation. If so maybe someone is similarly named and is transposing a number or letter. - maybe. My 02
I have not experienced the problem that you mention but I have a gmail account, which is, for example, joe.bloggsATgmailDOTcom and I receive mail from time to time for joebloggsATgmailDOTcom Some of the mail is quite important like booking tickets etc or ordered things from the internet and even all the organizational work for a country bring and buy sale The dot should be taken into consideration and give me a unique email address but some times doesn't seem to be, so it may be you are receiving mail meant for someone else. ...or it's a password reset email scam
Gmail is specific in that regard as dots don't mean anything to them. So joe.bloggs and joebloggs are same account. More info here: https://support.google.com/mail/answer/7436150?hl=en
Thanks everyone for your responses. The only thing that I can think of is that my wife got a new laptop and gave me her old one. Of course, she was the admin and the login was hers. So, I created a new user (myself) and gave myself an admin account. I now login with my MS account on that laptop. (I left her login on the laptop as well.) I can't see how logging into this laptop with my MS/MSN account has anything to do with me receiving password reset requests? The good news, however, is that as of 9:30 am, I've not received a password request email yet today.
Msoft killed an account of mine that I had from even before they took over H+tmail ( I was one of the first few to join) because I couldn't remember the lies that I told when first setting up the account. They said that the reason it was flagged was because of 'unusual behaviour' The robots wouldn't let me back into a decades old account. My fault for not jotting down my lies. I lost a lot of personal emails. Ah! for the days of Pine, Elm and RocketMail sigh
@Alexhousek - These e-mails have been sent for a long time, and they are all so-called false messages sent by malicious people to access your e-mail accounts in order to obtain more information about you. They are mainly interested in your bills and who sends you the bills and how you pay them. Also, whether you send invoices to someone yourself. You will usually be asked to change your password and then confirm it. Of course, the data will also be sent to those who sent you an email to change your password. Now that you do, you've given any people access to your accounts, meaning they're free to use your accounts. In general, they are particularly interested in invoices and invoice senders. If they know all of this, they will also know exactly when this invoice should arrive to you, and they are free to remove it from your mail and send a message requiring you to change your account number and pay the invoice to the new number. Of course, you don't know anything about it, and should a transfer be made through this invoice, it will be credited to another account sent from your inbox. I'm not going to tell you more about this, but REMEMBER - these are called phishing scams to gain access to your data. It's one old story, began about half year ago again.
Thank you for your replies. As bjm_ demonstrated with his picture, these are legitimate emails from Microsoft. That means that someone is trying to access my msn email account. Of course, I would never click on a link in one of these emails (even if they are legitimate). However, after the first couple, I did login separately to my msn account and change my password. And, still the emails continue. I've also installed the "authenticator" app (Android) from Microsoft which serves as 2FA. At this point, there's not much I can do to stop someone from trying to reset my msn password (and from receiving the emails). It's just very disconcerting.