Getting spam emails from myself which I never sent, regconized by Outlook as "drafts" email, i have been hacked. on both my Emails. as the email to recover has been changed.

Question

Getting spam emails from myself which I never sent, regconized by Outlook as "drafts" email, i have been hacked. on both my Emails. as the email to recover has been changed.

mattias s 0

Dear team,

I've received email from "myself" that goes in to "drafts" which is threatening to release videos/pictures of me it has been spamming these for the past 12h now. I understand this is spam email. And I checked my account activities during recent months and all logins from all other locations have logged in. I also have 2step that has been removed. and then i messaged the bot got access back but my backup email is still the hackers and i can not change it so please HELP. and also my second account is also hacked. and is also getting spammed by the same messages.

My concern is that is actually hacked, i have reinstalled windows i will also do a bios flash and reinstall again with a real formater. but i have access to both accounts. but so does the hacker. and i really need urgent help with this matter !!

I've scan all devices linked with my Microsoft account and i have seen mutliple logins from a lot of places. russia, USA india etc and i need HELP fixing this. as it has stolen 4 different game hubs. EPIC GAMES, Steam and so on.

Regards

Mattias S

2 answers

Your answer

Answer 1

It sounds like your email accounts have indeed been compromised, and it's crucial to take immediate action to secure them. Here are steps you can follow to regain control and secure your accounts:

Revoke User Access: Immediately revoke access to your accounts to prevent further unauthorized access. You can do this by using PowerShell commands to revoke sign-in sessions for your Microsoft 365 accounts. For example:
```
   Revoke-MgUserSignInSession -UserId <your-email-address>
```
Replace <your-email-address> with your actual email address.
Change Your Passwords: Change the passwords for both of your email accounts. Make sure to create strong, unique passwords that are not easily guessable.
Enable Multi-Factor Authentication (MFA): If you regain access, enable MFA for added security. This will help protect your accounts even if someone has your password.
Review Account Activity: Check your account activity for any unauthorized logins or changes. Look for suspicious activity such as changes to your recovery email or security questions.
Secure Your Devices: Since you mentioned reinstalling Windows, ensure that your devices are free from malware. Use reputable antivirus software to scan and clean your devices.
Check for Mail Forwarding or Rules: Review your email settings for any suspicious forwarding rules or filters that may have been set up by the attacker. Remove any that you did not create.
Contact Support: If you cannot regain access to your accounts or if the recovery email is still under the hacker's control, contact Microsoft Support for further assistance.
Monitor for Further Issues: Keep an eye on your accounts and any linked services (like Epic Games and Steam) for unusual activity. Change passwords for those accounts as well if you suspect they may also be compromised.

Taking these steps can help you regain control of your accounts and protect your personal information.

Answer 2

EmilyS726 202.4K Independent Advisor

Hello,

This is not always due to spam.

Make sure you do this on a computer, not on smartphone or tablet. Go to https://www.outlook.com and log in, click on the gear icon on the top right to launch the settings.

Then, on the Mail tab, go to Rules. Are there any rules set up here? If yes, delete them all.

Then check the conditional format, again, if it's there, delete it.

Then, check Forwarding and IMAP, If any items are present, delete them as well.

===========

If you can't find anything, go to https://account.live.com > Your info > Sign in Preferences. Make sure to check all the aliases here. If you don't recognize any there, delete it.

Then go to Security > Manage How I sign in, make sure all contact info is yours.

Please make sure you change your password and enable two-step verficiation.

Go to your account online, go to Devices, remove any devices you don't recognize.

Then go to Security, click on Sign out everywhere. This is meant to kill any session that's still connected. Unfortunately, this one will take 24 hours to take effect.

Then, take one step further - Go to your Microsoft account online https://account.live.com> Sign in > Your info > Sign in preference. Add an alias - You have two options here:

Create new: this will allow you to use the native domain outlook.com to create a new alias.

Add existing: this will allow you to add a 3rd party email address, such as yahoo, gmail, as long as they are not already associated with another Microsoft account.

Once added, make this new alias your primary alias, do NOT delete the old alias. Then at the bottom, click on "Change sign in preference". On the next page, uncheck the box for the old alias. This means, from now one, the old alias cannot be used to sign into your Microsoft account, but it can be still used to receive emails, etc.

mattias s 0 Reputation points

2026-01-25T19:05:38.5933333+00:00

hi, i done all this except i can't do that on my main login, as it's LOCKED to the hackers Email account. and it's locking me out to get to "sign-in preferences" and my other account i got full control off now. but it keeps on spamming me with this ransomware over and over. and also one called "microsoft outlook "ad" upgrade your account" that is also a virus. i can't figure out how it's still spamming. and i need contact with a person from microsoft to FIX this. as it's so messed up.
EmilyS726 202.4K Reputation points Independent Advisor

2026-01-25T19:11:14.75+00:00

Can you tell me exactly what you meant by it is locking you out to get to "sign in preference"? Is it because it is asking you to provide a verification code, or it straight up errors out?
mattias s 0 Reputation points

2026-01-25T19:20:55.47+00:00

can u somehow get on a call with me on discord? so it says "You can't access this site right now. this site requires a security code to sign in. when security info updates on 24/02/2026 you will be able to access this site. YOu can still access sites such as Outlook and Skype that don't require a security code. on 25/01/2026 you requsted that your security info be replaced Current security info

Alternate email: dz*****@gmail.com hackers email.
mattias s 0 Reputation points

2026-01-25T19:22:47.9+00:00

i need his email gone, and get my own back. or a seperate email from my old one. as he still "got and hold of my account" even tho i have 2 step on it now.
EmilyS726 202.4K Reputation points Independent Advisor

2026-01-25T19:26:39.8933333+00:00

Sorry, forum code of conduct won't allow contact off platform.

So, hacker has managed to change your security contact into to a gmail address that you don't recognize ? And you put in a request to change it but it will not change until Feb 24th, right?

That would mean that your account has been hacked more than 1 month ago, because when your security is changed, you have a 30-day window to reverse it. Just like now, you requested a change, and it has a 30-day window for the change to happen.

At this point, whether or not you can recover this account can be a bit challenging. You can still click on the "start" button here to see if the process allows you to do anything about it. https://support.microsoft.com/en-us/account-billing/how-to-recover-a-hacked-or-compromised-microsoft-account-24ca907d-bcdf-a44b-4656-47f0cd89c245
mattias s 0 Reputation points

2026-01-25T19:42:42.7233333+00:00

Correct, sorry for the late response trying to get help on a discord server for PCs. who deals with cyber security etc. but yes Email was changed, 2 step removed re added now. can't remove his email as i had to do the security thing. he has been on my email for about 4+ days. as he removed all my backups he got the main email. i will try the link
mattias s 0 Reputation points

2026-01-25T19:45:03.09+00:00

okey looked at the link, this link is how i got back my account and then i forgot the emails pw to the account i had to make to be able to get my main back. issue was it was late at the night i was doing it. and somehow i miss typed the pw i choose for that account. so it has no backup or anything. so it's done. as i have no proof except my name for that account. the new i made to get my main back. i have full access to my main account. i just can't remove his email.
EmilyS726 202.4K Reputation points Independent Advisor

2026-01-25T19:56:11.0433333+00:00

I hate to tell you, if you have missed the 30-day window to change your security info back, and you also messed up the pw, recovering it can be impossible, with one slim chance - if the hacker didn't catch the fact that you have put in a security info change, and in 30 days, you will get it change successfully back to yours, then you can go back in to change your password.
mattias s 0 Reputation points

2026-01-25T20:38:23.2133333+00:00

he removed all my info, idk how. i didn't see any suspicious logins nothing. thats why i need to get in contact with a microsoft employee. so they can fix this. and idk how this even happened. but i'm pissed !
EmilyS726 202.4K Reputation points Independent Advisor

2026-01-25T20:43:03.89+00:00

Unfortunately Microsot support wouldn't be able to help you at this point. I am being honest.

I wouldn't stand in your way if you want to chat with them though. You would use this path to get chat to come up.

To get help, open the "Get Help" app on your computer (just search for it in the Start menu). or go to https://support.microsoft.com/contactus, Type "Billing" and press Enter. On the next screen, click "Contact support" at the bottom of the page, then choose "Microsoft 365" > "Manage my subscription". You’ll then see the option to chat with a Microsoft support agent who has access to your account to help review the issue.

Share via

Getting spam emails from myself which I never sent, regconized by Outlook as "drafts" email, i have been hacked. on both my Emails. as the email to recover has been changed.

2 answers

Your answer