Online Threat Alerts (OTA) - Alerting you to scams and frauds.
accountprotection.microsoft.com Scam and Fraudulent Email

Emails from accountprotection.microsoft.com are generally legitimate. Microsoft uses this official domain to send security codes and login alerts. However, scammers frequently spoof email headers to mimic this address. If you receive codes or alerts you did not request, do not click any links: the message could be a phishing attempt, or someone may have mistyped their email address and entered yours.

How to Tell if it's Legit vs. a Scam

It is likely a legitimate Microsoft email if:

  • The email domain is exactly accountprotection.microsoft.com.
  • You are trying to log in, reset your password, or access a Microsoft service (like Xbox) and requested a code.
  • The email contains a security code you just asked for, or lists a recent login that you genuinely made.

It is likely a scam or phishing attempt if:

  • You never requested a code, yet an email pushes you to click a link or provide information to "unlock" or "verify" your account.
  • The email demands immediate action (e.g., "Your account will be deleted in 24 hours") and includes urgent, threatening language.
  • The email contains spelling mistakes or poor grammar.
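The domain check and the pressure-wording check above can be run on a saved message, together with a check for the header spoofing mentioned at the top of this page. The following Python is an added example, not code from this page or from Microsoft; the function name red_flags, the server name mx.mailhost.example and the sample messages are assumptions made for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

EXPECTED = "accountprotection.microsoft.com"   # the domain this page names
PRESSURE = re.compile(r"unlock|verify your account|will be deleted|24 hours", re.I)

def red_flags(raw, trusted_server):
    """Return a list of warnings for one raw message; empty means none found.
    trusted_server: the name YOUR mail provider puts first in the
    Authentication-Results headers it adds (assumption: you know this name)."""
    msg = message_from_string(raw, policy=policy.default)
    flags = []
    # 1. Exact match on the address domain, not a substring or display-name match.
    domain = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2].lower()
    if domain != EXPECTED:
        flags.append("sender domain is not exactly " + EXPECTED)
    # 2. The From header can be forged, so require a DMARC pass recorded by the
    #    receiving server. Results stamped with any other name are ignored,
    #    because a sender can insert its own Authentication-Results header.
    results = [str(h).lower() for h in msg.get_all("Authentication-Results", [])]
    ours = [r for r in results if r.split(";")[0].strip() == trusted_server]
    if not any(re.search(r"\bdmarc=pass\b", r) for r in ours):
        flags.append("no dmarc=pass from the receiving server (possible spoofing)")
    # 3. Pressure wording in the body, as in the scam signs listed above.
    body = msg.get_body(preferencelist=("plain", "html"))
    if body is not None and PRESSURE.search(body.get_content()):
        flags.append("urgent or threatening wording")
    return flags

# Constructed sample messages, not real mail; all names below are made up.
SENDER = "From: Microsoft account team <sender@accountprotection.microsoft.com"
AR = "Authentication-Results: "
GENUINE = (SENDER + ">\n" + AR + "mx.mailhost.example; dmarc=pass\n"
           "Subject: Your security code\n\nSecurity code: 000000\n")
SPOOFED = (SENDER + ">\n" + AR + "mx.mailhost.example; dmarc=fail\n"
           + AR + "forged.example; dmarc=pass\n"  # header inserted by the sender
           "Subject: Action required\n\nYour account will be deleted in 24 hours.\n")
LOOKALIKE = (SENDER + ".login-check.example>\n" + AR + "mx.mailhost.example; dmarc=pass\n"
             "Subject: Your security code\n\nSecurity code: 000000\n")

if __name__ == "__main__":
    for name, raw in [("genuine", GENUINE), ("spoofed", SPOOFED), ("lookalike", LOOKALIKE)]:
        print(name, red_flags(raw, "mx.mailhost.example"))
```

An empty result only means none of these three signs was found; the steps under "What You Should Do" still apply to any code or alert you did not request.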

What You Should Do

  1. NEVER click links directly from the email. Scammers can make a fake link look perfectly safe.
  2. Manually check your account: Open your web browser, go to https://account.microsoft.com, and log in there.
  3. Verify the activity: Once logged in, go to your Security tab and click Review activity. This will display all official, recognized sign-ins and successful logins to your account.
  4. Change your password: If you notice unauthorized sign-ins in your official activity history, change your password immediately and turn on two-factor authentication.

For more details on recognizing legitimate Microsoft security emails, you can review the official Microsoft Support Guide.
