I suspect it’s an attempt at getting into an existing account using a leaked email/password combo. I update my passwords regularly and do not reuse, so I don’t think the attack will be successful, but it is still frustrating. Right now, I’m changing the password of the accounts created and activating two-factor authentification to make sure I keep control of accounts using my email. Then I communicate with the customer service of the different services to let them know what happened. Is this a good idea?
I’m thinking of moving on to a new email; is the hassle worth it? What else should or could I do?