actually, I did type in the link into my address bar, as I think you [are] saying which I forgot to mention.
Actually, to be clear, I am saying that you should trust
nothing about the e-mail/text you received. Whether or not you click on the link they sent or (re-)type the link address/name into your browser, you would still end up at the same place (if it were a phishing scam.)
Instead, you should type in the MicroSoft/Steam site address directly (or conduct your own search for the address.) If this was what you actually did, then you are probably safe. However, there can be no such thing as too much precaution in this age of internet scams.