Outlook not updating with new email

Question

Outlook may have been compromised with scam activity and now does not receive new email activty

Answer 1

If Outlook is not receiving new email and you suspect it may have been compromised, there are several steps you can take to investigate and potentially resolve the issue:

1. Check for Compromise Symptoms: Look for signs that your account may be compromised, such as missing emails, suspicious activity, or unusual rules set up in your inbox that could be diverting emails. Common symptoms include:
   • The mailbox is blocked from sending email.
   • Missing or deleted emails.
   • Suspicious inbox rules that forward emails to unknown addresses.
   • Changes to your contact information in the Global Address List (GAL).
2. Investigate the Account: Use the Microsoft Entra admin center and the Microsoft Defender portal to check for unusual sign-in activity. Look at the sign-in logs for:
   • IP addresses
   • Sign-in locations
   • Sign-in times
   • Success or failure of sign-ins
3. Review Inbox Rules: Check for any hidden inbox rules that may be redirecting your emails. You can use the PowerShell command to list inbox rules and identify any that are suspicious.
4. Reset Password: If you find evidence of compromise, reset your password immediately and consider enabling multi-factor authentication for added security.
5. Remove Restrictions: If your mailbox is blocked from sending emails due to suspicious activity, follow the necessary steps to remove your account from the Restricted entities page.

By following these steps, you can regain control of your Outlook account and ensure it is secure.

---

References:

• Common symptoms of a compromised Microsoft 365 email account
• Secure and Restore Email Function to a Compromised Microsoft 365 Mail Enabled Account

Answer 2

Hello,

Make sure you do this on a computer, not on smartphone or tablet. Go to https://www.outlook.com and log in, click on the gear icon on the top right to launch the settings.

Then, on the Mail tab, go to Rules. Are there any rules set up here? If yes, delete them all.

Then check the conditional format, again, if it's there, delete it.

Then, check Forwarding and IMAP, If any items are present, delete them as well.

===========

If you can't find anything, go to https://account.live.com > Your info > Sign in Preferences. Make sure to check all the aliases here. If you don't recognize any there, delete it.

Then go to Security > Manage How I sign in, make sure all contact info is yours.

Please make sure you change your password and enable two-step verficiation.

Go to your account online, go to Devices, remove any devices you don't recognize.

Then go to Security, click on Sign out everywhere. This is meant to kill any session that's still connected. Unfortunately, this one will take 24 hours to take effect.

Then, take one step further - Go to your Microsoft account online https://account.live.com> Sign in > Your info > Sign in preference. Add an alias - You have two options here:

Create new: this will allow you to use the native domain outlook.com to create a new alias.

Add existing: this will allow you to add a 3rd party email address, such as yahoo, gmail, as long as they are not already associated with another Microsoft account.

Once added, make this new alias your primary alias, do NOT delete the old alias. Then at the bottom, click on "Change sign in preference". On the next page, uncheck the box for the old alias. This means, from now one, the old alias cannot be used to sign into your Microsoft account, but it can be still used to receive emails, etc.