I received an email notifying me of login activity on “my” [wish.com](https://wish.com) account. I checked it out and it’s legitimately from the actual website and I went to reset the account’s password (using an automatically generated one by Chrome). The reason I did this is because I wasn’t sure if I really had an account with them or not. Looking at the acc’s information though, it has a random username and the currency is set to ₽ (Russian rubles). Thus it’s definitely not mine. Strangely enough, the email warned me of someone accessing the account from Brazil.
What’s going on here? Is this some scam or attempt to get my system infected? I didn’t visit the account’s profile, thinking the person responsible might have planted something there.
I’d be thankful for any advice!