MS 365 Email Compromised

Laurel Santos 21 Reputation points
2021-02-06T17:58:14.267+00:00

My MS 365 work email at <Redacted> has been compromised. Someone is able to send emails that appear to be from me from that account. The thieves were successful in sending an email to our bookkeeping service directing my auto-deposit paychecks to be sent to a routing number and account number across the country. They successfully stole over $1,500. I have logged completely out of my work email and now get constant spam messages to log back in so the thieves can continue to use the email as me. I am the principle of the school where I work and MUST have access to my school email account without changing user name. I am afraid changing my password will not work, because the thieves obviously don't have my password or I wouldn't be getting constant messages asking me to log in. Is it possible I have been compromised at the port level? Please help!

Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
4,240 questions
0 comments No comments
{count} votes

Accepted answer
  1. Andy David - MVP 142.7K Reputation points MVP
    2021-02-06T18:22:08.41+00:00

    The first step to protect yourself is to not put your personal email in your question :) . I have removed it from your question.

    Anyone can be spoofed and most likely that is what happened versus actually having access to your account. If your book keeping service fell for this, thats on them, not you.

    Now, having said that, you should absolutely change your password as soon as possible.

    Also, enable your accounst for MFA ( all your users should be required to use MFA)

    https://learn.microsoft.com/en-us/microsoft-365/admin/security-and-compliance/set-up-multi-factor-authentication?redirectSourcePath=%252fen-us%252foffice%252f8f0454b2-f51a-4d9c-bcde-2c48e41621c6&view=o365-worldwide

    https://support.microsoft.com/en-us/office/set-up-your-microsoft-365-sign-in-for-multi-factor-authentication-ace1d096-61e5-449b-a875-58eb3d74de14

    IF you really feel your email has been compromised, open a ticket with 365 and ask them to assist you

    https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/responding-to-a-compromised-email-account?view=o365-worldwide

    1 person found this answer helpful.
    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. jhon233 1 Reputation point
    2023-04-17T09:23:34.8766667+00:00

    t's crucial that you contact your IT department or Microsoft support immediately to report the compromise of your MS 365 work email account. They will be able to investigate and take appropriate measures to secure your account and prevent further unauthorized access. Please refrain from logging in or clicking on any suspicious emails or links until the issue is resolved to mitigate any potential risks.

    0 comments No comments