Share via

I need to look for hidden rules in my email account

Susan F 0 Reputation points
2026-02-18T10:24:44.3533333+00:00

My email was hacked and I need to find hidden rules in my account. I am getting ransom email. chat support was no help on this. Can someone help

Outlook | Web | Outlook.com | Account management, security, and privacy
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Luke 10 Reputation points
    2026-02-27T06:45:50.27+00:00

    I've just fixed this for a customer I had. Ended up being a hidden rule as many have suspected.

    The fix for me was to add the compromised account to a full featured version of Outlook. I used Outlook (classic).

    NOT the version of Outlook which is pre-installed.

    Then run the following command in Run (WIN +R)

    outlook /cleanrules

    EDIT: First step should be to remove consent for Thunderbird and Microsoft Graph at the following link: https://microsoft.com/consent

    Also, remove any email forwarding which shouldn't be there, reset passwords, add 2FA, remove any email forwarding which shouldn't be there.

    1 person found this answer helpful.
  2. Sumit D - IA 160K Reputation points Independent Advisor
    2026-02-18T12:13:24.18+00:00

    Hi Susan,

    Check the to-do app for rules.

    It’s possible the Outlook hacker created rules in the Microsoft To-Do app, which could be causing the Email to appear. Once you flush out Microsoft To-Do, the Outlook hacked draft Email issue can go away. Go to the Software using this link and clean everything:

    Microsoft To-Do login

    This should resolve the issue, most probably.

    Some more ideas here:

    https://www.yourwindowsguide.com/2026/02/outlook-hacked-draft-email.html

    I hope this information helps. If you have any more questions, don't hesitate to reach out.

    Otherwise, please take a moment to rate the answer. Wishing you good luck!

    A Windows MVP writes content on the above website, so it is safe. However, do watch out for the ads. It should translate into your Browser language automatically.

    0 comments
  3. Q&A Assist
    2026-02-18T10:24:52.4866667+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    To find hidden rules in your email account, especially after being hacked, follow these steps:

    1. Sign in to Outlook Web: Go to your Outlook account via a web browser.
    2. Check Mail Rules: Navigate to Settings > Mail > Rules. Look for any suspicious rules that you did not create, especially those that may forward emails or move them to other folders.
    3. Delete Suspicious Rules: If you find any rules that seem unfamiliar or have names that look suspicious, delete them immediately.
    4. Check Forwarding Settings: In the same settings menu, check Forwarding to ensure no unknown email addresses are set to receive your emails.
    5. Use PowerShell (if applicable): If you have Microsoft 365 admin access, you can run PowerShell commands like Get-InboxRule -Mailbox youraddress@example.com to find and remove hidden rules.
    6. Monitor Account Activity: After cleaning up, keep an eye on your account for any further suspicious activity.

    It's crucial to also change your password and enable multi-factor authentication (MFA) to secure your account further.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.