Hello, KY_Tim
Thanks for using our Microsoft Community.
When you sign up for Microsoft 365, Microsoft provides an onmicrosoft.com domain - your fallback domain - in case you don't own a domain, or don't want to connect it to Microsoft 365 (for example, tailspintoys.onmicrosoft.com). It serves as a default email routing address for your Microsoft 365 environment. When a user is set up with a mailbox, email is routed to the fallback domain. Even if a custom domain is used (for example, tailspintoys.com), if that custom domain is deleted from your Microsoft 365 environment, the fallback domain ensures that your user's email is successfully routed.
That is to say, the message you received doesn't come from Microsoft directly. When Microsoft sends an message, the email address won't look like this. The sender just signed up for Microsoft 365 and sent out the message to you.
There are many reasons you might receive junk e-mail. However, you can view internet message headers in Outlook. An email message internet header provides a list of technical details about the message, such as who sent it, the software used to compose it, and the email servers that it passed through on its way to the recipient. Most of the time, only an administrator will need to view internet headers for a message. If you want to add a header to your email message, see Apply stationery, backgrounds, or themes to email messages.
Some senders use spoofing to disguise their email address. By checking the header, you can find out if the email address is different than it appears, and add it to your blocked senders list.
In addition, you can use the Report Message add-in. The Report Message add-in works with Outlook to allow you to report suspicious messages to Microsoft as well as manage how your Microsoft 365 email account treats these messages.
Messages that your Microsoft 365 email account marks as junk are automatically moved to your Junk Email folder. However, spammers and phishing attempts are continually evolving. If you receive a junk email in your inbox, you can use the Report Message add-in to send the message to Microsoft to help us improve our spam filters. If you find an email in your Junk Email folder that's not spam, you can use the Report Message add-in to mark it as a legitimate email, move the message to your Inbox, and report the false positive to help Microsoft improve our spam filters.
Feel free to reply if you have other concerns.
Best regards,
Yuhao Li| Microsoft Community Support Specialist