If this isn’t a phishing email itself, your email address was probably harvested from a compromised site you used it to sign up with. There are sites where you can check to see if it’s compromised. This is why I started using email aliases when signing up for any site or service. It shows where it was compromised or you’ll find some companies will share it with partners or sell your info sometimes.
Not sure. But Proton, Apple,
passmailSimpleLogin (got names mixed up) and some other providers have a way you can create email aliases on the fly that forward to your real address. I think Microsoft does too but it was limited last time I looked at it.