Woke up to a single-use code email on alt address. Outlook login activity detected.
So, I woke up to a single-use code email on my alt verification address. I didn't click anything, but the timing of it seemed odd and the email looked decently legit (except the Privacy Policy link actually showed a link instead of clickable text). Anyway, I went directly into outlook to check my login history.
Most of the history doesn't show up anymore, but it did show a successful sign in from my correct IP address and iOS device. Thing is, login time was at about 5AM and I most definitely wasn't awake at that time. This matches the time of the single-use code email.
I clicked "Secure your account" from Outlook and it even told me "We think this was you," because the details seemed correct aside from the time/hour. But I opted to secure anyway. When I did, it asked me to sign in again and said a suspicious login was detected. Nothing new on the login history, other than me changing my password.
I found it odd that Outlook would first discourage me from securing and then say that I must in the span of a minute lol.
Is there a reason this would happen? Could it be a messy time-zone thing or something causing Outlook to misread my login time? The alternative is that someone really did try to log into my account from my own IP address and device, which seems unlikely. Can that information be spoofed on the login history?
I'm worried that the sign-in was successful as it implies someone may have access to my alt address and device as well.