![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 71%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECK%3C/text%3E%3C/svg%3E)
Hello, thank you for reaching out to Microsoft Q&A.
The email you received is a SCAM.
Hackers can use any email address in the "From" field. If you receive the email from your own address, it doesn't mean your account has been hacked. There have already been several reports of users receiving the same email as yours.
In this situation, all you have to do is protect your account and report the email to Microsoft.
To report the email, select ⋮ at the top right of the screen.
- Select Report as Spam from the drop-down menu. (Mark the email as phishing) and move it to the Junk folder or delete it from your emails.
Next, please review your recent account activity page to check for any unusual activity in your account.
https://account.live.com/Activity
This will ensure your account is safe and secure.
It is good to know that you've already enabled Passwordless sign-in for both of your Microsoft accounts and are using Microsoft Authenticator for sign-in. This provides stronger protection for your account, making it nearly impossible for hackers to gain access.
To review your account security info (See Manage how you sign in) page,
https://account.live.com/proofs/Manage
You can enable the password sign-in option if you want. Then, you can click the "Sign out everywhere" option on the same page to sign out of all your signed-in devices.
Let me know if you still need more help.