I get a message the other day from Microsoft that it detected an unusual sign in attempt for my hotmail account. The attempt was from Moscow and the Microsoft email landed in my junk file and I didn't see it for a few days. I reported back that it wasn't me. This morning I checked my sent file and there was an email that I did not send. The date was a few days before the attempt to log in. It went to a financial advisor that I don't use but I get monthly emails with financial information. I had met with this advisor years ago but decided not to use. The email in my sent said here's names and addresses of friends that I think would like to receive information from.
I immediately changed my password on the hotmail account and the other email addresses I use and enabled two step authentication on everything that didn't have it before. I checked all my financial stuff and that as the two step authentication and seems ok. I'm asking is that's enough or if I should do something else like delete the hotmail address or something else.
Thanks for any help.
I think by changing your hotmail password (assuming you chose well), having MFA on your financial services accounts, checking on things as you have done, you've responded appropriately.
I don't know if Hotmail supports MFA but if it does, enable it.
I'd consider using another mail service however. Microsoft, Yahoo, Google, the big names are big targets though they are simple and effective to use.
Personally I use a smaller less well known email service that does provide me good support and is very well regarded for security and privacy.
If you have the technical skills to handle a bit more in depth setup, consider Zoho for email, or if you are on the paranoid side, look at Proton.
How to Get Email Headers
It's possible the financial advisor's computer or email account got hacked, and a bad guy has all their contact info for clients.
Looking at the header will tell you if this email came from that advisor, or someone else. In general, NEVER reply to email you're not sure about. Open up another client (yahoo, gmail, etc), and let the advisor know about this if you see his email coming from another address.
I'd look for a more secure email than Hotlook, btw, but that's your choice.
If you had originally sent an email to that address and for whatever reason it was not delivered, sometimes after a period of time it will come up as a sent email. A lot of times you will also get an error message in your inbox saying it wasn't able to send it.
Again I am not saying that is what happened here, but it is one possible explanation.