Share via

Account Breach – BHMailer App Added – Unable to Sign In or Reverse Security Update

Shadrin Frank 25 Reputation points
2026-01-06T15:01:49.0166667+00:00

Hello,

Microsoft account has been compromised. A malicious third‑party app (BHMailer) was added and used to send phishing emails. Immediately changed password and signed out of all active sessions, but account is now locked out due to a security.

An attacker drafted an email using her password as the subject, issued a three‑day ransom demand, and the account was later locked by Microsoft for suspicious activity. I am using Authenticator too, but still it was compromised.

Could a Microsoft support moderator please escalate this as a compromised account case? I am prepared to provide ownership verification and respectfully request that the account not be permanently locked or flagged.

Thank you for your assistance.

Outlook | Outlook for mobile | Outlook for iOS | For home
0 comments
Answer accepted by question author
  1. Virginia M 39,345 Reputation points Independent Advisor
    2026-01-06T16:43:31.4766667+00:00

    Hello, I’m Virginia a fellow Windows user.

    Is this a corporate or Home account? If corporate then you’ll be able to contact Microsoft via the admin portal I believe.

    Otherwise:

    Please note we’re not Microsoft but fellow users like yourself & have no access to accounts.

    Try recovering your account here:

    Locked account:

    https://support.microsoft.com/account-billing/account-has-been-locked-805e8b0d-4141-29b2-7b65-df6ff6c9ce27

    Hacked:

    https://support.microsoft.com/account-billing/how-to-recover-a-hacked-or-compromised-microsoft-account-24ca907d-bcdf-a44b-4656-47f0cd89c245

    Or:

    Can’t sign in:

    https://support.microsoft.com/account-billing/you-can-t-sign-in-to-your-microsoft-account-475c9b5c-8c25-49f1-9c2d-c64b7072e735

    You can try also https://support.microsoft.com/home/contact & choose Account Recovery.

    If none of the above work then you’ll require the account recovery form:

    https://account.live.com/acsr

    Please note if you have 2/multi factor authentication active on your account then you cannot use the form to recover the account.

    If you’re successful in changing the details then you may find that the account is limited for 30 days, this is a security feature & cannot be circumvented.

    Please be aware that as the email address has been changed to that of the hacker &/or 2fa/mfa has been enabled then usually there’s nothing which can be done. You would need to create a new account & request that Microsoft transfer any purchases & subscriptions to the new account.

    To request a transfer of purchases & subscriptions contact Microsoft here:

    https://support.microsoft.com//help/4051701/

    https://support.microsoft.com/contactUs

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Shadrin Frank 25 Reputation points
    2026-01-07T20:13:22.66+00:00

    My personal account has been hacked, and I’m unable to sign in. I created a new account to post this question. I’ve already submitted the ACSR form as advised and am currently waiting for a response. I can receive the authenticator code, but when I enter it, I’m told my account is locked. I’m also unable to receive the verification code via my mobile number.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.