Unsolicited Microsoft Single-Use Code Emails and Account Security

The post describes receiving unsolicited Microsoft single-use code emails, likely due to threat actors checking if email addresses are linked to Microsoft accounts for potential credential-stuffing attacks. The author details steps taken to secure their accounts, including changing primary email addresses, disabling aliases, enabling MFA, and reviewing security logs. They note Microsoft’s security logs do not record these code requests, only successful logins. The issue affects both personal and business users, with no official response from Microsoft.